|
|
|
|
|
|
by homakov
4839 days ago
|
|
|
you just raised another problem haha. response_type. it's also flexible. Even if app 99.99% of time uses response_type=code someday hacker comes and usues token on hacked redirect_uri. simply speaking response_type is also should be static and constant. But, gosh, let's fix first-world-problem first |
|
|
Thanks!