Description
I can see that clientId and clientSecret parameters are passed in the getClient function of the model. This function is accessed from the token-handler.js and authorize-handler.js files. It is mentioned here that the token-handler.js file is accessed with clientId and clientSecret and the authorize-handler.js file is accessed only with clientId. I have fetched the client data from the database in the getClient function of the model, my codebase is
getClient: async function (clientId, clientSecret) { let result: any = {}; const oauthClient = await OauthClientRepository.findOne({id:clientId, secret: clientSecret}); if (oauthClient) { result = { clientId: oauthClient.id, userId: oauthClient.user_id, clientSecret: oauthClient.secret, grants: ['authorization_code', 'client_credentials', 'refresh_token', 'password'], redirectUris: [oauthClient.redirect], clientName: oauthClient.name }; } return new Promise(resolve => { resolve(result) }) },
Here since I have made a query with clientId and clientSecret. So it is important to pass these two parameters in the getClient function.
Or should I complete the query only with clientId?