AlexTelon / FlexiCharge-Backend


ID-token missing #188

Open eejebring opened 1 year ago

eejebring commented 1 year ago

For security, the OAuth protocol should be implemented. Right now there are no ID-tokens, leaving us open to man-in-the-middle attacks.

eejebring commented 1 year ago

And why is the password returned in the response body?

loan21xw commented 1 year ago

Can you be more specific?

> Right now there are no ID-tokens, leaving us open to man-in-the-middle attacks.

All communication will go through HTTPS, which should mitigate M-I-T-M attacks.

> why is the password returned in the response body?

Where is this?