Dont Log the clientSecret in OAuth module. Ensure OAuth params are consistent in logs.

Description

The OAuth functionality, specifically the OAuth20AccessTokenController class logs the client secret. This has security side effects.

Also we would want to ensure that expected OAuth params are consistently logged by their proper name.

Environment

None

Status

Assignee

Misagh Moayyed

Reporter

Misagh Moayyed

Labels

None

Estimated End Date

None

Audience

None

Components

Fix versions

Affects versions

3.5.0

Priority

Major