comparison mod_s2s_auth_posh/mod_s2s_auth_posh.lua @ 5407:149634647b48

mod_http_oauth2: Don't issue client_secret when not using authentication This is pretty much only for implicit flow, which is considered insecure anyway, so this is of limited value. If we delete all the implicit flow code, this could be reverted.
author Kim Alvefur <zash@zash.se>
date Tue, 02 May 2023 16:39:32 +0200
parents 58a112bd9792
children
comparison
equal deleted inserted replaced
5406:b86d80e21c60 5407:149634647b48