Add client secret to Auth code flow example

Dusan Jakub
2023-10-18 13:16:18 +02:00
parent 0c6c41f469
commit e7a41e9885
3 changed files with 29 additions and 0 deletions


@@ -78,6 +78,12 @@
used by the authorization server to identify the application when redirecting the user back to the client.
</p>
</li>
<li class="collection-item">
<p><b><span class="emphasis">client_secret</span>=<span id="clientSecret"></span></b></p>
<p>
Client secret. Note that this flow is wrongly used for a JavaScript application, in which anyone can read the secret.
</p>
</li>
<li class="collection-item">
<p><b><span class="emphasis">redirect_uri</span>=<span id="redirectUri"></span></b></p>
<p>The redirect URI</p>
@@ -160,6 +166,7 @@
<script src="../js/env-config.js"></script>
<script>
const tokenEndpoint = baseUrl + "/token";
const secret = "s3cr3t";
const code = new URLSearchParams(window.location.search).get('code');
if (!code) {
@@ -171,6 +178,7 @@
"grant_type=authorization_code" + "\n"
+ "&client_id=" + getClientId() + "\n"
+ "&redirect_uri=" + getRedirectUri() + "\n"
+ "&client_secret=" + secret + "\n"
+ "&code=" + code;
$("#requestUriExample").text(tokenEndpoint);
@@ -179,6 +187,7 @@
$("#tokenUrl").text(tokenEndpoint);
$("#grantType").text("authorization_code");
$("#clientId").text(getClientId());
$("#clientSecret").text(secret);
$("#redirectUri").text(getRedirectUri());
$("#code").text(code);
}
@@ -193,6 +202,7 @@
const bodyData = new URLSearchParams();
bodyData.append('grant_type', 'authorization_code');
bodyData.append('client_id', getClientId());
bodyData.append('client_secret', secret);
bodyData.append('redirect_uri', getRedirectUri());
bodyData.append('code', code);
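Review bot: `const secret = "s3cr3t";` is a literal in the page script that is rendered into `#clientSecret` and appended to the token request body, and the only warning sits in the HTML list item, so someone copying the script gets none. Add a comment on that line such as `// Demo only: a browser app cannot keep client_secret confidential; public clients should use the authorization code flow with PKCE instead.` The client id and redirect URI are read through `getClientId()` and `getRedirectUri()`, so reading the secret through a similar helper (presumably next to `baseUrl` in env-config.js) would keep the sample consistent and make it harder to reuse the demo value for a real client. The script block starts and ends outside the hunks shown.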

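--- a/src/twistd.log
+++ b/src/twistd.log
@@ -0,0 +1,18 @@
+2023-10-02T11:26:21+0200 [twisted.scripts._twistd_unix.UnixAppLogger#info] twistd 23.8.0 (/home/linuxbrew/.linuxbrew/opt/python@3.11/bin/python3.11 3.11.3) starting up.
+2023-10-02T11:26:21+0200 [twisted.scripts._twistd_unix.UnixAppLogger#info] reactor class: twisted.internet.epollreactor.EPollReactor.
+2023-10-02T11:26:21+0200 [-] Site starting on 8080
+2023-10-02T11:26:21+0200 [twisted.web.server.Site#info] Starting factory <twisted.web.server.Site object at 0x7fbbc18a7ad0>
+2023-10-02T11:27:51+0200 [-] Received SIGTERM, shutting down.
+2023-10-02T11:27:51+0200 [-] (TCP Port 8080 Closed)
+2023-10-02T11:27:51+0200 [twisted.web.server.Site#info] Stopping factory <twisted.web.server.Site object at 0x7fbbc18a7ad0>
+2023-10-02T11:27:51+0200 [-] Main loop terminated.
+2023-10-02T11:27:51+0200 [twisted.scripts._twistd_unix.UnixAppLogger#info] Server Shut Down.
+2023-10-02T11:27:53+0200 [twisted.scripts._twistd_unix.UnixAppLogger#info] twistd 23.8.0 (/home/linuxbrew/.linuxbrew/opt/python@3.11/bin/python3.11 3.11.3) starting up.
+2023-10-02T11:27:53+0200 [twisted.scripts._twistd_unix.UnixAppLogger#info] reactor class: twisted.internet.epollreactor.EPollReactor.
+2023-10-02T11:27:53+0200 [-] Site starting on 8080
+2023-10-02T11:27:53+0200 [twisted.web.server.Site#info] Starting factory <twisted.web.server.Site object at 0x7f2dd4237a10>
+2023-10-02T11:28:54+0200 [-] Received SIGTERM, shutting down.
+2023-10-02T11:28:54+0200 [-] (TCP Port 8080 Closed)
+2023-10-02T11:28:54+0200 [twisted.web.server.Site#info] Stopping factory <twisted.web.server.Site object at 0x7f2dd4237a10>
+2023-10-02T11:28:54+0200 [-] Main loop terminated.
+2023-10-02T11:28:54+0200 [twisted.scripts._twistd_unix.UnixAppLogger#info] Server Shut Down.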
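Review bot: src/twistd.log, and src/twistd.pid in the next section, look like runtime output of a local twistd run and are unrelated to the client-secret change named in the commit title, so they were probably staged by accident. The log records a local interpreter path and the listening port, and the pid file holds a stale process id; neither belongs in the repository. Drop both from the commit and ignore them, for example with `.gitignore` entries `twistd.log` and `twistd.pid`.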

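--- a/src/twistd.pid
+++ b/src/twistd.pid
@@ -0,0 +1 @@
+5688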