search

oauth-wg / oauth-v2-1

OAuth 2.1 is a consolidation of the core OAuth 2.0 specs
https://oauth.net/2.1/
Other
53 stars 27 forks source link

Consolidate Text on CSRF and Code Replay #15

Closed tlodderstedt closed 4 years ago

tlodderstedt commented 4 years ago

client MUST use code_challenge to detect both attacks

aaronpk commented 4 years ago

This has been incorporated