forked from OpenNeo/impress
Emi Matchu
e2d763e3c3
Ahh okay, the NeoPass spec says to pass the `client_id` and `client_secret` as POST form data when exchanging the code for the access token, but the default behavior of our client is to pass it as an `Authorization` header instead. In this change, we set an option to change that behavior, and also add a lot of comments about this and the other options! |
||
|---|---|---|
| .. | ||
| application_controller_renderer.rb | ||
| assets.rb | ||
| attack.rb | ||
| backtrace_silencers.rb | ||
| content_security_policy.rb | ||
| cookies_serializer.rb | ||
| devise.rb | ||
| filter_parameter_logging.rb | ||
| inflections.rb | ||
| locale_meta.rb | ||
| mime_types.rb | ||
| permissions_policy.rb | ||
| rspec_generator.rb | ||
| sentry.rb | ||
| session_store.rb | ||
| stripe.rb | ||
| wrap_parameters.rb | ||