github-mirrors/oauth-playground-server
1
0
Fork 0
mirror of https://github.com/ysoftdevs/oauth-playground-server.git synced 2026-01-11 14:30:48 +01:00
Code Issues Packages Projects Releases Wiki Activity

accept any secret for open clients

Browse Source
This commit is contained in:
Dusan Jakub
2023-10-18 13:09:33 +02:00
parent a57f40e0a4
commit b4e19944af
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/main/java/com/ysoft/geecon/dto/OAuthClient.java
View File

@@ -9,6 +9,7 @@ public record OAuthClient(String clientId, String description, String clientSecr
}
public boolean validateSecret(String clientSecret) {
return Objects.equals(clientSecret, this.clientSecret);
// WARN: For open clients we purposefully accept any secrets
return this.clientSecret == null || Objects.equals(clientSecret, this.clientSecret);
}
}