Hello all, Short question on the implicit flow with jax-rs. The redirect url with the fragment contains an access_token attribute. Contains a access-token but no secret. So how do you get by the HawkTokenValidator if you have no secret to generate the correct Mac (sha-256) on the client agent?
Thanks for any help! Peter DW -- View this message in context: http://cxf.547215.n5.nabble.com/Oauth2-implicit-fragment-access-token-tp5752521.html Sent from the cxf-user mailing list archive at Nabble.com.
