Add client secret to Auth code flow example

Dusan Jakub
2023-10-18 13:16:18 +02:00
parent 0c6c41f469
commit e7a41e9885
3 changed files with 29 additions and 0 deletions


@@ -78,6 +78,12 @@
used by the authorization server to identify the application when redirecting the user back to the client. used by the authorization server to identify the application when redirecting the user back to the client.
</p> </p>
</li> </li>
<li class="collection-item">
<p><b><span class="emphasis">client_secret</span>=<span id="clientSecret"></span></b></p>
<p>
Client secret. Note that this flow is wrongly used for a JavaScript application, in which anyone can read the secret.
</p>
</li>
<li class="collection-item"> <li class="collection-item">
<p><b><span class="emphasis">redirect_uri</span>=<span id="redirectUri"></span></b></p> <p><b><span class="emphasis">redirect_uri</span>=<span id="redirectUri"></span></b></p>
<p>The redirect URI</p> <p>The redirect URI</p>
@@ -160,6 +166,7 @@
<script src="../js/env-config.js"></script> <script src="../js/env-config.js"></script>
<script> <script>
const tokenEndpoint = baseUrl + "/token"; const tokenEndpoint = baseUrl + "/token";
const secret = "s3cr3t";
const code = new URLSearchParams(window.location.search).get('code'); const code = new URLSearchParams(window.location.search).get('code');
if (!code) { if (!code) {
@@ -171,6 +178,7 @@
"grant_type=authorization_code" + "\n" "grant_type=authorization_code" + "\n"
+ "&client_id=" + getClientId() + "\n" + "&client_id=" + getClientId() + "\n"
+ "&redirect_uri=" + getRedirectUri() + "\n" + "&redirect_uri=" + getRedirectUri() + "\n"
+ "&client_secret=" + secret + "\n"
+ "&code=" + code; + "&code=" + code;
$("#requestUriExample").text(tokenEndpoint); $("#requestUriExample").text(tokenEndpoint);
@@ -179,6 +187,7 @@
$("#tokenUrl").text(tokenEndpoint); $("#tokenUrl").text(tokenEndpoint);
$("#grantType").text("authorization_code"); $("#grantType").text("authorization_code");
$("#clientId").text(getClientId()); $("#clientId").text(getClientId());
$("#clientSecret").text(secret);
$("#redirectUri").text(getRedirectUri()); $("#redirectUri").text(getRedirectUri());
$("#code").text(code); $("#code").text(code);
} }
@@ -193,6 +202,7 @@
const bodyData = new URLSearchParams(); const bodyData = new URLSearchParams();
bodyData.append('grant_type', 'authorization_code'); bodyData.append('grant_type', 'authorization_code');
bodyData.append('client_id', getClientId()); bodyData.append('client_id', getClientId());
bodyData.append('client_secret', secret);
bodyData.append('redirect_uri', getRedirectUri()); bodyData.append('redirect_uri', getRedirectUri());
bodyData.append('code', code); bodyData.append('code', code);
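Review bot: `const secret = "s3cr3t";` in the second hunk is declared in the page's inline script without any comment, so the only warning that a browser application cannot keep a client secret sits in the HTML list item of the first hunk, far from the code a reader is likely to copy. I would add a comment at the declaration, for example `// Demo only: a browser app is a public client and cannot keep this secret; use PKCE instead of client_secret.` The value is also committed to the repository and written into `#clientSecret`, so if it matches a client registered on anything other than a throwaway demo authorization server it should be treated as disclosed and rotated. Separately, the displayed request example concatenates `secret` and `code` unencoded while the real request goes through `URLSearchParams`, so the two can differ once either value contains reserved characters. The script block starts and ends outside the visible hunks.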

18
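--- a/src/twistd.log
+++ b/src/twistd.log
@@ -0,0 +1,18 @@
+2023-10-02T11:26:21+0200 [twisted.scripts._twistd_unix.UnixAppLogger#info] twistd 23.8.0 (/home/linuxbrew/.linuxbrew/opt/python@3.11/bin/python3.11 3.11.3) starting up.
+2023-10-02T11:26:21+0200 [twisted.scripts._twistd_unix.UnixAppLogger#info] reactor class: twisted.internet.epollreactor.EPollReactor.
+2023-10-02T11:26:21+0200 [-] Site starting on 8080
+2023-10-02T11:26:21+0200 [twisted.web.server.Site#info] Starting factory <twisted.web.server.Site object at 0x7fbbc18a7ad0>
+2023-10-02T11:27:51+0200 [-] Received SIGTERM, shutting down.
+2023-10-02T11:27:51+0200 [-] (TCP Port 8080 Closed)
+2023-10-02T11:27:51+0200 [twisted.web.server.Site#info] Stopping factory <twisted.web.server.Site object at 0x7fbbc18a7ad0>
+2023-10-02T11:27:51+0200 [-] Main loop terminated.
+2023-10-02T11:27:51+0200 [twisted.scripts._twistd_unix.UnixAppLogger#info] Server Shut Down.
+2023-10-02T11:27:53+0200 [twisted.scripts._twistd_unix.UnixAppLogger#info] twistd 23.8.0 (/home/linuxbrew/.linuxbrew/opt/python@3.11/bin/python3.11 3.11.3) starting up.
+2023-10-02T11:27:53+0200 [twisted.scripts._twistd_unix.UnixAppLogger#info] reactor class: twisted.internet.epollreactor.EPollReactor.
+2023-10-02T11:27:53+0200 [-] Site starting on 8080
+2023-10-02T11:27:53+0200 [twisted.web.server.Site#info] Starting factory <twisted.web.server.Site object at 0x7f2dd4237a10>
+2023-10-02T11:28:54+0200 [-] Received SIGTERM, shutting down.
+2023-10-02T11:28:54+0200 [-] (TCP Port 8080 Closed)
+2023-10-02T11:28:54+0200 [twisted.web.server.Site#info] Stopping factory <twisted.web.server.Site object at 0x7f2dd4237a10>
+2023-10-02T11:28:54+0200 [-] Main loop terminated.
+2023-10-02T11:28:54+0200 [twisted.scripts._twistd_unix.UnixAppLogger#info] Server Shut Down.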

1
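--- a/src/twistd.pid
+++ b/src/twistd.pid
@@ -0,0 +1 @@
+5688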