From 7d5ae395d65c08f5c053d53b7c240d85f15ee1ee Mon Sep 17 00:00:00 2001
From: Aaron Glasenapp
Date: Wed, 6 Apr 2016 14:46:51 -0600
Subject: [PATCH 1/3] remove superfluous client_secret
---
 lib/oauth2/strategy/auth_code.ex | 1 -
 1 file changed, 1 deletion(-)
diff --git a/lib/oauth2/strategy/auth_code.ex b/lib/oauth2/strategy/auth_code.ex
index aedea13..a018001 100644
--- a/lib/oauth2/strategy/auth_code.ex
+++ b/lib/oauth2/strategy/auth_code.ex
@@ -52,7 +52,6 @@ defmodule OAuth2.Strategy.AuthCode do
 |> put_param(:code, code)
 |> put_param(:grant_type, "authorization_code")
 |> put_param(:client_id, client.client_id)
- |> put_param(:client_secret, client.client_secret)
 |> put_param(:redirect_uri, client.redirect_uri)
 |> merge_params(params)
 |> put_headers(headers)
From 102df95ff566bbaee7e3692b4f4310f032d8a697 Mon Sep 17 00:00:00 2001
From: Aaron Glasenapp
Date: Wed, 6 Apr 2016 14:47:54 -0600
Subject: [PATCH 2/3] add required response_type parameter
---
 lib/oauth2/strategy/auth_code.ex | 1 +
 1 file changed, 1 insertion(+)
diff --git a/lib/oauth2/strategy/auth_code.ex b/lib/oauth2/strategy/auth_code.ex
index a018001..3732773 100644
--- a/lib/oauth2/strategy/auth_code.ex
+++ b/lib/oauth2/strategy/auth_code.ex
@@ -52,6 +52,7 @@ defmodule OAuth2.Strategy.AuthCode do
 |> put_param(:code, code)
 |> put_param(:grant_type, "authorization_code")
 |> put_param(:client_id, client.client_id)
+ |> put_param(:response_type, "code")
 |> put_param(:redirect_uri, client.redirect_uri)
 |> merge_params(params)
 |> put_headers(headers)
From 74b2fdf6297cc28313520ce512610e32a907a416 Mon Sep 17 00:00:00 2001
From: Sonny Scroggin
Date: Wed, 6 Apr 2016 17:48:52 -0500
Subject: [PATCH 3/3] fix up tests for #51
---
 test/oauth2/client_test.exs | 2 +-
 test/oauth2/strategy/auth_code_test.exs | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/test/oauth2/client_test.exs b/test/oauth2/client_test.exs
index 7f8033f..8be8ed3 100644
--- a/test/oauth2/client_test.exs
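Review bot: `response_type` is a parameter of the authorization request (RFC 6749 §4.1.1), not of the token request that this pipeline builds with `grant_type` `"authorization_code"` and `code`, so the added `put_param(:response_type, "code")` in PATCH 2/3 is at best ignored by a conforming token endpoint; a provider that does need it can already be served through `merge_params(params)`. After PATCH 1/3 the body also carries `client_id` but no client credential, and the only headers visible here are the caller's `headers`, so a confidential client appears to reach the token endpoint unauthenticated unless the caller supplies the secret itself. I would state that above the pipeline, e.g. `# client_secret is not sent by default; confidential clients must pass it in params or authenticate via the Authorization header`. The enclosing function starts and ends outside the hunk, so any header handling elsewhere in it should be confirmed.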
+++ b/test/oauth2/client_test.exs @@ -41,7 +41,7 @@ defmodule OAuth2.ClientTest do refute conn.query_string == "" assert conn.query_params["code"] == "code1234" assert conn.query_params["redirect_uri"] - assert conn.query_params["client_secret"] + assert conn.query_params["response_type"] == "code" send_resp(conn, 200, ~s({"access_token":"test1234"})) end diff --git a/test/oauth2/strategy/auth_code_test.exs b/test/oauth2/strategy/auth_code_test.exs index 38d1df7..0c64518 100644 --- a/test/oauth2/strategy/auth_code_test.exs +++ b/test/oauth2/strategy/auth_code_test.exs @@ -39,7 +39,7 @@ defmodule OAuth2.Strategy.AuthCodeTest do assert body["grant_type"] == "authorization_code" assert body["code"] == code assert body["client_id"] == client.client_id - assert body["client_secret"] == client.client_secret + assert body["response_type"] == "code" assert body["redirect_uri"] == client.redirect_uri send_resp(conn, 302, ~s({"access_token":"#{access_token}"}))
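Review bot: Both test hunks drop the `client_secret` assertion without pinning its absence, so a later change that puts the secret back into the request would pass unnoticed. In `client_test.exs` the parameters are read from `conn.query_params`, i.e. from the URL, where a secret would end up in proxy and access logs; adding `refute conn.query_params["client_secret"]` next to the new `response_type` assertion turns the removal into a regression guard. The same applies to the hunk in `auth_code_test.exs` with `refute body["client_secret"]`. Both test bodies start outside their hunks.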