Use ClientSecret instead of AppSecret when requesting token

Author: Frandi Dwi

OAuthWebSample/OAuthWebSample/Controllers/OAuthController.cs

@@ -128,7 +128,7 @@ public String GenerateAuthorizeUrl()
         public string GenerateRequestPostData(string code)
         {
             return string.Format("client_assertion_type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer&client_assertion={0}&grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer&assertion={1}&redirect_uri={2}",
-                HttpUtility.UrlEncode(ConfigurationManager.AppSettings["AppSecret"]),
+                HttpUtility.UrlEncode(ConfigurationManager.AppSettings["ClientSecret"]),
                 HttpUtility.UrlEncode(code),
                 ConfigurationManager.AppSettings["CallbackUrl"]
                 );
@@ -137,7 +137,7 @@ public string GenerateRequestPostData(string code)
         public string GenerateRefreshPostData(string refreshToken)
         {
             return string.Format("client_assertion_type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer&client_assertion={0}&grant_type=refresh_token&assertion={1}&redirect_uri={2}",
-                HttpUtility.UrlEncode(ConfigurationManager.AppSettings["AppSecret"]),
+                HttpUtility.UrlEncode(ConfigurationManager.AppSettings["ClientSecret"]),
                 HttpUtility.UrlEncode(refreshToken),
                 ConfigurationManager.AppSettings["CallbackUrl"]
                 );

OAuthWebSample/OAuthWebSample/Web.config

@@ -13,6 +13,7 @@
     <!-- App Settings for OAuth-->
     <add key="AppId" value=""/>
     <add key="AppSecret" value=""/>
+    <add key="ClientSecret" value=""/>
     <add key="Scope" value=""/>
     <add key="AuthUrl" value="https://app.vssps.visualstudio.com/oauth2/authorize"/>
     <add key="TokenUrl" value="https://app.vssps.visualstudio.com/oauth2/token"/>