From 2bd6202c7be2342b0030c9e9001926b926b70a4e Mon Sep 17 00:00:00 2001 From: Jan Trejbal Date: Wed, 27 Sep 2023 11:29:57 +0200 Subject: [PATCH] Do not set clientSecret for CODE-PKCE (#4184) --- src/NSwag.AspNet.Owin/SwaggerUi3/index.html | 11 ++++++++--- src/NSwag.AspNetCore/SwaggerUi3/index.html | 11 ++++++++--- 2 files changed, 16 insertions(+), 6 deletions(-) diff --git a/src/NSwag.AspNet.Owin/SwaggerUi3/index.html b/src/NSwag.AspNet.Owin/SwaggerUi3/index.html index e8c488b0f1..bab086e4c0 100644 --- a/src/NSwag.AspNet.Owin/SwaggerUi3/index.html +++ b/src/NSwag.AspNet.Owin/SwaggerUi3/index.html @@ -85,16 +85,21 @@ }); if ("{ClientId}") { - ui.initOAuth({ + const oAuthConfig = { clientId: "{ClientId}", - clientSecret: "{ClientSecret}", realm: "{Realm}", appName: "{AppName}", scopeSeparator: "{ScopeSeparator}", scopes: {Scopes}, additionalQueryStringParams: {AdditionalQueryStringParameters}, usePkceWithAuthorizationCodeGrant: {UsePkceWithAuthorizationCodeGrant} - }); + }; + + if (!{UsePkceWithAuthorizationCodeGrant}) { + oAuthConfig.clientSecret = "{ClientSecret}"; + } + + ui.initOAuth(oAuthConfig); } window.ui = ui; diff --git a/src/NSwag.AspNetCore/SwaggerUi3/index.html b/src/NSwag.AspNetCore/SwaggerUi3/index.html index e8c488b0f1..bab086e4c0 100644 --- a/src/NSwag.AspNetCore/SwaggerUi3/index.html +++ b/src/NSwag.AspNetCore/SwaggerUi3/index.html @@ -85,16 +85,21 @@ }); if ("{ClientId}") { - ui.initOAuth({ + const oAuthConfig = { clientId: "{ClientId}", - clientSecret: "{ClientSecret}", realm: "{Realm}", appName: "{AppName}", scopeSeparator: "{ScopeSeparator}", scopes: {Scopes}, additionalQueryStringParams: {AdditionalQueryStringParameters}, usePkceWithAuthorizationCodeGrant: {UsePkceWithAuthorizationCodeGrant} - }); + }; + + if (!{UsePkceWithAuthorizationCodeGrant}) { + oAuthConfig.clientSecret = "{ClientSecret}"; + } + + ui.initOAuth(oAuthConfig); } window.ui = ui;