From a3ed22930e22263eb4132f7b50278ed1d87b674f Mon Sep 17 00:00:00 2001
From: Bernd Eckstein
Date: Thu, 15 Oct 2020 09:07:05 +0200
Subject: [PATCH] Output info message when PKCE without client_secret used on confidential client
* removes the special error message
Signed-off-by: Bernd Eckstein
---
 server/handlers.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/server/handlers.go b/server/handlers.go
index f368777454..dc80f6c828 100644
--- a/server/handlers.go
+++ b/server/handlers.go
@@ -760,8 +760,8 @@ func (s *Server) handleToken(w http.ResponseWriter, r *http.Request) {
 return
 }
 if clientSecret == "" && client.Secret != "" && r.PostFormValue("code_verifier") != "" {
- s.tokenErrHelper(w, errInvalidClient, "Missing client credentials. If you want to use PKCE without client_secret, create a public dex client.", http.StatusUnauthorized)
- return
+ s.logger.Infof("detected PKCE token request without client_secret on client %s. "+
+ "Set the client to be pubic without client_secret, if you want to allow this.", client.ID)
 }
 if client.Secret != clientSecret {
 s.tokenErrHelper(w, errInvalidClient, "Invalid client credentials.", http.StatusUnauthorized)
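Review bot: With the `return` removed, the `code_verifier` branch only logs and falls through, so rejection of a confidential client that sends no secret now depends entirely on the following `client.Secret != clientSecret` check. A comment inside the branch, such as `// Log only: the secret comparison below still rejects this request; PKCE never replaces client_secret on a confidential client.`, would keep a later reordering from letting a code_verifier stand in for the secret. The new log string also misspells "public" as "pubic", which makes the message harder to grep for. Because the line is written before the request is authenticated, consider `%q` for `client.ID` and confirm that Info level is acceptable for a requester-triggered message. handleToken's body starts and ends outside the hunk.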