From 85dc1f6a537d2dd25c7f5a4e1ed1d3cc4fbcbbf7 Mon Sep 17 00:00:00 2001
From: u8989332 <b8989332@gmail.com>
Date: Sun, 13 Oct 2024 20:57:24 +0800
Subject: [PATCH 1/2] fix the wrong token_endpoint_auth_method:
 'client_secret_basic' to 'secret_basic'

---
 example/authorizationServer.js                        | 2 +-
 example/chapter10/authorizationServer.js              | 2 +-
 example/chapter8/authorizationServer.js               | 2 +-
 exercises/ch-12-ex-1/completed/authorizationServer.js | 2 +-
 exercises/ch-12-ex-2/authorizationServer.js           | 2 +-
 exercises/ch-12-ex-2/completed/authorizationServer.js | 2 +-
 exercises/ch-6-ex-5/authorizationServer.js            | 2 +-
 exercises/ch-7-ex-1/authorizationServer.js            | 2 +-
 exercises/ch-8-ex-1/authorizationServer.js            | 2 +-
 exercises/ch-8-ex-2/authorizationServer.js            | 2 +-
 exercises/ch-8-ex-3/authorizationServer.js            | 2 +-
 11 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/example/authorizationServer.js b/example/authorizationServer.js
index b777544a..07cc0758 100644
--- a/example/authorizationServer.js
+++ b/example/authorizationServer.js
@@ -650,7 +650,7 @@ app.post('/register', function (req, res){
 	}
 
 	reg.client_id = randomstring.generate();
-	if (__.contains(['client_secret_basic', 'client_secret_post']), reg.token_endpoint_auth_method) {
+	if (__.contains(['secret_basic', 'client_secret_post']), reg.token_endpoint_auth_method) {
 		reg.client_secret = randomstring.generate();
 	}
 
diff --git a/example/chapter10/authorizationServer.js b/example/chapter10/authorizationServer.js
index 3c20776f..3f6cbfa1 100644
--- a/example/chapter10/authorizationServer.js
+++ b/example/chapter10/authorizationServer.js
@@ -661,7 +661,7 @@ app.post('/register', function (req, res){
 	}
 
 	reg.client_id = randomstring.generate();
-	if (__.contains(['client_secret_basic', 'client_secret_post']), reg.token_endpoint_auth_method) {
+	if (__.contains(['secret_basic', 'client_secret_post']), reg.token_endpoint_auth_method) {
 		reg.client_secret = randomstring.generate();
 	}
 
diff --git a/example/chapter8/authorizationServer.js b/example/chapter8/authorizationServer.js
index 1846e5e4..ac2bdb89 100644
--- a/example/chapter8/authorizationServer.js
+++ b/example/chapter8/authorizationServer.js
@@ -651,7 +651,7 @@ app.post('/register', function (req, res){
 	}
 
 	reg.client_id = randomstring.generate();
-	if (__.contains(['client_secret_basic', 'client_secret_post']), reg.token_endpoint_auth_method) {
+	if (__.contains(['secret_basic', 'client_secret_post']), reg.token_endpoint_auth_method) {
 		reg.client_secret = randomstring.generate();
 	}
 
diff --git a/exercises/ch-12-ex-1/completed/authorizationServer.js b/exercises/ch-12-ex-1/completed/authorizationServer.js
index e0812aea..02d49017 100644
--- a/exercises/ch-12-ex-1/completed/authorizationServer.js
+++ b/exercises/ch-12-ex-1/completed/authorizationServer.js
@@ -315,7 +315,7 @@ app.post('/register', function (req, res){
 	}
 	
 	reg.client_id = randomstring.generate();
-	if (__.contains(['client_secret_basic', 'client_secret_post']), reg.token_endpoint_auth_method) {
+	if (__.contains(['secret_basic', 'client_secret_post']), reg.token_endpoint_auth_method) {
 		reg.client_secret = randomstring.generate();
 	}
 
diff --git a/exercises/ch-12-ex-2/authorizationServer.js b/exercises/ch-12-ex-2/authorizationServer.js
index 3700b0ca..98c87e75 100644
--- a/exercises/ch-12-ex-2/authorizationServer.js
+++ b/exercises/ch-12-ex-2/authorizationServer.js
@@ -314,7 +314,7 @@ var checkClientMetadata = function(req, res) {
 	}
 	
 	reg.client_id = randomstring.generate();
-	if (__.contains(['client_secret_basic', 'client_secret_post']), reg.token_endpoint_auth_method) {
+	if (__.contains(['secret_basic', 'client_secret_post']), reg.token_endpoint_auth_method) {
 		reg.client_secret = randomstring.generate();
 	}
 	
diff --git a/exercises/ch-12-ex-2/completed/authorizationServer.js b/exercises/ch-12-ex-2/completed/authorizationServer.js
index 263a8f9a..6ec51ecb 100644
--- a/exercises/ch-12-ex-2/completed/authorizationServer.js
+++ b/exercises/ch-12-ex-2/completed/authorizationServer.js
@@ -324,7 +324,7 @@ app.post('/register', function (req, res){
 	}
 	
 	reg.client_id = randomstring.generate();
-	if (__.contains(['client_secret_basic', 'client_secret_post']), reg.token_endpoint_auth_method) {
+	if (__.contains(['secret_basic', 'client_secret_post']), reg.token_endpoint_auth_method) {
 		reg.client_secret = randomstring.generate();
 	}
 	
diff --git a/exercises/ch-6-ex-5/authorizationServer.js b/exercises/ch-6-ex-5/authorizationServer.js
index 0eeb6188..131e6f03 100644
--- a/exercises/ch-6-ex-5/authorizationServer.js
+++ b/exercises/ch-6-ex-5/authorizationServer.js
@@ -651,7 +651,7 @@ app.post('/register', function (req, res){
 	}
 
 	reg.client_id = randomstring.generate();
-	if (__.contains(['client_secret_basic', 'client_secret_post']), reg.token_endpoint_auth_method) {
+	if (__.contains(['secret_basic', 'client_secret_post']), reg.token_endpoint_auth_method) {
 		reg.client_secret = randomstring.generate();
 	}
 
diff --git a/exercises/ch-7-ex-1/authorizationServer.js b/exercises/ch-7-ex-1/authorizationServer.js
index 93a34982..63dd5732 100644
--- a/exercises/ch-7-ex-1/authorizationServer.js
+++ b/exercises/ch-7-ex-1/authorizationServer.js
@@ -651,7 +651,7 @@ app.post('/register', function (req, res){
 	}
 
 	reg.client_id = randomstring.generate();
-	if (__.contains(['client_secret_basic', 'client_secret_post']), reg.token_endpoint_auth_method) {
+	if (__.contains(['secret_basic', 'client_secret_post']), reg.token_endpoint_auth_method) {
 		reg.client_secret = randomstring.generate();
 	}
 
diff --git a/exercises/ch-8-ex-1/authorizationServer.js b/exercises/ch-8-ex-1/authorizationServer.js
index 1846e5e4..ac2bdb89 100644
--- a/exercises/ch-8-ex-1/authorizationServer.js
+++ b/exercises/ch-8-ex-1/authorizationServer.js
@@ -651,7 +651,7 @@ app.post('/register', function (req, res){
 	}
 
 	reg.client_id = randomstring.generate();
-	if (__.contains(['client_secret_basic', 'client_secret_post']), reg.token_endpoint_auth_method) {
+	if (__.contains(['secret_basic', 'client_secret_post']), reg.token_endpoint_auth_method) {
 		reg.client_secret = randomstring.generate();
 	}
 
diff --git a/exercises/ch-8-ex-2/authorizationServer.js b/exercises/ch-8-ex-2/authorizationServer.js
index 1846e5e4..ac2bdb89 100644
--- a/exercises/ch-8-ex-2/authorizationServer.js
+++ b/exercises/ch-8-ex-2/authorizationServer.js
@@ -651,7 +651,7 @@ app.post('/register', function (req, res){
 	}
 
 	reg.client_id = randomstring.generate();
-	if (__.contains(['client_secret_basic', 'client_secret_post']), reg.token_endpoint_auth_method) {
+	if (__.contains(['secret_basic', 'client_secret_post']), reg.token_endpoint_auth_method) {
 		reg.client_secret = randomstring.generate();
 	}
 
diff --git a/exercises/ch-8-ex-3/authorizationServer.js b/exercises/ch-8-ex-3/authorizationServer.js
index 1846e5e4..ac2bdb89 100644
--- a/exercises/ch-8-ex-3/authorizationServer.js
+++ b/exercises/ch-8-ex-3/authorizationServer.js
@@ -651,7 +651,7 @@ app.post('/register', function (req, res){
 	}
 
 	reg.client_id = randomstring.generate();
-	if (__.contains(['client_secret_basic', 'client_secret_post']), reg.token_endpoint_auth_method) {
+	if (__.contains(['secret_basic', 'client_secret_post']), reg.token_endpoint_auth_method) {
 		reg.client_secret = randomstring.generate();
 	}
 

From b27573031fd07fd8fe799ebfa85b0104d26c203a Mon Sep 17 00:00:00 2001
From: u8989332 <b8989332@gmail.com>
Date: Mon, 14 Oct 2024 16:45:51 +0800
Subject: [PATCH 2/2] follow RFC-7591
 https://www.rfc-editor.org/rfc/rfc7591.html

---
 example/authorizationServer.js                        | 6 +++---
 example/chapter10/authorizationServer.js              | 6 +++---
 example/chapter10/client.js                           | 2 +-
 example/chapter8/authorizationServer.js               | 6 +++---
 example/chapter8/client.js                            | 2 +-
 example/client.js                                     | 2 +-
 exercises/ch-11-ex-4/client.js                        | 2 +-
 exercises/ch-12-ex-1/completed/authorizationServer.js | 6 +++---
 exercises/ch-12-ex-1/completed/client.js              | 2 +-
 exercises/ch-12-ex-2/authorizationServer.js           | 6 +++---
 exercises/ch-12-ex-2/client.js                        | 2 +-
 exercises/ch-12-ex-2/completed/authorizationServer.js | 6 +++---
 exercises/ch-12-ex-2/completed/client.js              | 2 +-
 exercises/ch-6-ex-5/authorizationServer.js            | 6 +++---
 exercises/ch-7-ex-1/authorizationServer.js            | 6 +++---
 exercises/ch-8-ex-1/authorizationServer.js            | 6 +++---
 exercises/ch-8-ex-1/client.js                         | 2 +-
 exercises/ch-8-ex-2/authorizationServer.js            | 6 +++---
 exercises/ch-8-ex-3/authorizationServer.js            | 6 +++---
 exercises/ch-8-ex-3/client.js                         | 2 +-
 exercises/ch-9-ex-1/client.js                         | 2 +-
 exercises/ch-9-ex-2/client.js                         | 2 +-
 22 files changed, 44 insertions(+), 44 deletions(-)

diff --git a/example/authorizationServer.js b/example/authorizationServer.js
index 07cc0758..f844fba6 100644
--- a/example/authorizationServer.js
+++ b/example/authorizationServer.js
@@ -568,12 +568,12 @@ var checkClientMetadata = function (req, res) {
 	var reg = {};
 
 	if (!req.body.token_endpoint_auth_method) {
-		reg.token_endpoint_auth_method = 'secret_basic';	
+		reg.token_endpoint_auth_method = 'client_secret_basic';	
 	} else {
 		reg.token_endpoint_auth_method = req.body.token_endpoint_auth_method;
 	}
 	
-	if (!__.contains(['secret_basic', 'secret_post', 'none'], reg.token_endpoint_auth_method)) {
+	if (!__.contains(['client_secret_basic', 'client_secret_post', 'none'], reg.token_endpoint_auth_method)) {
 		res.status(400).json({error: 'invalid_client_metadata'});
 		return;
 	}
@@ -650,7 +650,7 @@ app.post('/register', function (req, res){
 	}
 
 	reg.client_id = randomstring.generate();
-	if (__.contains(['secret_basic', 'client_secret_post']), reg.token_endpoint_auth_method) {
+	if (__.contains(['client_secret_basic', 'client_secret_post']), reg.token_endpoint_auth_method) {
 		reg.client_secret = randomstring.generate();
 	}
 
diff --git a/example/chapter10/authorizationServer.js b/example/chapter10/authorizationServer.js
index 3f6cbfa1..c0908566 100644
--- a/example/chapter10/authorizationServer.js
+++ b/example/chapter10/authorizationServer.js
@@ -579,12 +579,12 @@ var checkClientMetadata = function (req, res) {
 	var reg = {};
 
 	if (!req.body.token_endpoint_auth_method) {
-		reg.token_endpoint_auth_method = 'secret_basic';	
+		reg.token_endpoint_auth_method = 'client_secret_basic';	
 	} else {
 		reg.token_endpoint_auth_method = req.body.token_endpoint_auth_method;
 	}
 	
-	if (!__.contains(['secret_basic', 'secret_post', 'none'], reg.token_endpoint_auth_method)) {
+	if (!__.contains(['client_secret_basic', 'client_secret_post', 'none'], reg.token_endpoint_auth_method)) {
 		res.status(400).json({error: 'invalid_client_metadata'});
 		return;
 	}
@@ -661,7 +661,7 @@ app.post('/register', function (req, res){
 	}
 
 	reg.client_id = randomstring.generate();
-	if (__.contains(['secret_basic', 'client_secret_post']), reg.token_endpoint_auth_method) {
+	if (__.contains(['client_secret_basic', 'client_secret_post']), reg.token_endpoint_auth_method) {
 		reg.client_secret = randomstring.generate();
 	}
 
diff --git a/example/chapter10/client.js b/example/chapter10/client.js
index 9357ce21..c45ffb3a 100644
--- a/example/chapter10/client.js
+++ b/example/chapter10/client.js
@@ -101,7 +101,7 @@ var registerClient = function() {
 		redirect_uris: ['http://localhost:9000/callback'],
 		grant_types: ['authorization_code'],
 		response_types: ['code'],
-		token_endpoint_auth_method: 'secret_basic',
+		token_endpoint_auth_method: 'client_secret_basic',
 		scope: 'openid profile email address phone'
 	};
 
diff --git a/example/chapter8/authorizationServer.js b/example/chapter8/authorizationServer.js
index ac2bdb89..6c8b0686 100644
--- a/example/chapter8/authorizationServer.js
+++ b/example/chapter8/authorizationServer.js
@@ -569,12 +569,12 @@ var checkClientMetadata = function (req, res) {
 	var reg = {};
 
 	if (!req.body.token_endpoint_auth_method) {
-		reg.token_endpoint_auth_method = 'secret_basic';	
+		reg.token_endpoint_auth_method = 'client_secret_basic';	
 	} else {
 		reg.token_endpoint_auth_method = req.body.token_endpoint_auth_method;
 	}
 	
-	if (!__.contains(['secret_basic', 'secret_post', 'none'], reg.token_endpoint_auth_method)) {
+	if (!__.contains(['client_secret_basic', 'client_secret_post', 'none'], reg.token_endpoint_auth_method)) {
 		res.status(400).json({error: 'invalid_client_metadata'});
 		return;
 	}
@@ -651,7 +651,7 @@ app.post('/register', function (req, res){
 	}
 
 	reg.client_id = randomstring.generate();
-	if (__.contains(['secret_basic', 'client_secret_post']), reg.token_endpoint_auth_method) {
+	if (__.contains(['client_secret_basic', 'client_secret_post']), reg.token_endpoint_auth_method) {
 		reg.client_secret = randomstring.generate();
 	}
 
diff --git a/example/chapter8/client.js b/example/chapter8/client.js
index 6e985412..840bae99 100644
--- a/example/chapter8/client.js
+++ b/example/chapter8/client.js
@@ -98,7 +98,7 @@ var registerClient = function() {
 		redirect_uris: ['http://localhost:9000/callback'],
 		grant_types: ['authorization_code'],
 		response_types: ['code'],
-		token_endpoint_auth_method: 'secret_basic',
+		token_endpoint_auth_method: 'client_secret_basic',
 		scope: 'openid profile email address phone'
 	};
 
diff --git a/example/client.js b/example/client.js
index d0c4f9be..c124f81b 100644
--- a/example/client.js
+++ b/example/client.js
@@ -100,7 +100,7 @@ var registerClient = function() {
 		redirect_uris: ['http://localhost:9000/callback'],
 		grant_types: ['authorization_code'],
 		response_types: ['code'],
-		token_endpoint_auth_method: 'secret_basic',
+		token_endpoint_auth_method: 'client_secret_basic',
 		scope: 'openid profile email address phone'
 	};
 
diff --git a/exercises/ch-11-ex-4/client.js b/exercises/ch-11-ex-4/client.js
index 13035a4e..3f6c94a3 100644
--- a/exercises/ch-11-ex-4/client.js
+++ b/exercises/ch-11-ex-4/client.js
@@ -98,7 +98,7 @@ var registerClient = function() {
 		redirect_uris: ['http://localhost:9000/callback'],
 		grant_types: ['authorization_code'],
 		response_types: ['code'],
-		token_endpoint_auth_method: 'secret_basic',
+		token_endpoint_auth_method: 'client_secret_basic',
 		scope: 'openid profile email address phone'
 	};
 
diff --git a/exercises/ch-12-ex-1/completed/authorizationServer.js b/exercises/ch-12-ex-1/completed/authorizationServer.js
index 02d49017..6994a086 100644
--- a/exercises/ch-12-ex-1/completed/authorizationServer.js
+++ b/exercises/ch-12-ex-1/completed/authorizationServer.js
@@ -243,12 +243,12 @@ app.post('/register', function (req, res){
 	var reg = {};
 
 	if (!req.body.token_endpoint_auth_method) {
-		reg.token_endpoint_auth_method = 'secret_basic';	
+		reg.token_endpoint_auth_method = 'client_secret_basic';	
 	} else {
 		reg.token_endpoint_auth_method = req.body.token_endpoint_auth_method;
 	}
 	
-	if (!__.contains(['secret_basic', 'secret_post', 'none'], reg.token_endpoint_auth_method)) {
+	if (!__.contains(['client_secret_basic', 'client_secret_post', 'none'], reg.token_endpoint_auth_method)) {
 		res.status(400).json({error: 'invalid_client_metadata'});
 		return;
 	}
@@ -315,7 +315,7 @@ app.post('/register', function (req, res){
 	}
 	
 	reg.client_id = randomstring.generate();
-	if (__.contains(['secret_basic', 'client_secret_post']), reg.token_endpoint_auth_method) {
+	if (__.contains(['client_secret_basic', 'client_secret_post']), reg.token_endpoint_auth_method) {
 		reg.client_secret = randomstring.generate();
 	}
 
diff --git a/exercises/ch-12-ex-1/completed/client.js b/exercises/ch-12-ex-1/completed/client.js
index fcfb92a1..78363f1f 100644
--- a/exercises/ch-12-ex-1/completed/client.js
+++ b/exercises/ch-12-ex-1/completed/client.js
@@ -175,7 +175,7 @@ var registerClient = function() {
 		redirect_uris: ['http://localhost:9000/callback'],
 		grant_types: ['authorization_code'],
 		response_types: ['code'],
-		token_endpoint_auth_method: 'secret_basic',
+		token_endpoint_auth_method: 'client_secret_basic',
 		scope: 'foo bar'
 	};
 
diff --git a/exercises/ch-12-ex-2/authorizationServer.js b/exercises/ch-12-ex-2/authorizationServer.js
index 98c87e75..37615b8b 100644
--- a/exercises/ch-12-ex-2/authorizationServer.js
+++ b/exercises/ch-12-ex-2/authorizationServer.js
@@ -242,12 +242,12 @@ var checkClientMetadata = function(req, res) {
 	var reg = {};
 
 	if (!req.body.token_endpoint_auth_method) {
-		reg.token_endpoint_auth_method = 'secret_basic';	
+		reg.token_endpoint_auth_method = 'client_secret_basic';	
 	} else {
 		reg.token_endpoint_auth_method = req.body.token_endpoint_auth_method;
 	}
 	
-	if (!__.contains(['secret_basic', 'secret_post', 'none'], reg.token_endpoint_auth_method)) {
+	if (!__.contains(['client_secret_basic', 'client_secret_post', 'none'], reg.token_endpoint_auth_method)) {
 		res.status(400).json({error: 'invalid_client_metadata'});
 		return;
 	}
@@ -314,7 +314,7 @@ var checkClientMetadata = function(req, res) {
 	}
 	
 	reg.client_id = randomstring.generate();
-	if (__.contains(['secret_basic', 'client_secret_post']), reg.token_endpoint_auth_method) {
+	if (__.contains(['client_secret_basic', 'client_secret_post']), reg.token_endpoint_auth_method) {
 		reg.client_secret = randomstring.generate();
 	}
 	
diff --git a/exercises/ch-12-ex-2/client.js b/exercises/ch-12-ex-2/client.js
index 5401968d..9e1ce4d2 100644
--- a/exercises/ch-12-ex-2/client.js
+++ b/exercises/ch-12-ex-2/client.js
@@ -175,7 +175,7 @@ var registerClient = function() {
 		redirect_uris: ['http://localhost:9000/callback'],
 		grant_types: ['authorization_code'],
 		response_types: ['code'],
-		token_endpoint_auth_method: 'secret_basic',
+		token_endpoint_auth_method: 'client_secret_basic',
 		scope: 'foo bar'
 	};
 
diff --git a/exercises/ch-12-ex-2/completed/authorizationServer.js b/exercises/ch-12-ex-2/completed/authorizationServer.js
index 6ec51ecb..6dd2d7d6 100644
--- a/exercises/ch-12-ex-2/completed/authorizationServer.js
+++ b/exercises/ch-12-ex-2/completed/authorizationServer.js
@@ -242,12 +242,12 @@ var checkClientMetadata = function(req, res) {
 	var reg = {};
 
 	if (!req.body.token_endpoint_auth_method) {
-		reg.token_endpoint_auth_method = 'secret_basic';	
+		reg.token_endpoint_auth_method = 'client_secret_basic';	
 	} else {
 		reg.token_endpoint_auth_method = req.body.token_endpoint_auth_method;
 	}
 	
-	if (!__.contains(['secret_basic', 'secret_post', 'none'], reg.token_endpoint_auth_method)) {
+	if (!__.contains(['client_secret_basic', 'client_secret_post', 'none'], reg.token_endpoint_auth_method)) {
 		res.status(400).json({error: 'invalid_client_metadata'});
 		return;
 	}
@@ -324,7 +324,7 @@ app.post('/register', function (req, res){
 	}
 	
 	reg.client_id = randomstring.generate();
-	if (__.contains(['secret_basic', 'client_secret_post']), reg.token_endpoint_auth_method) {
+	if (__.contains(['client_secret_basic', 'client_secret_post']), reg.token_endpoint_auth_method) {
 		reg.client_secret = randomstring.generate();
 	}
 	
diff --git a/exercises/ch-12-ex-2/completed/client.js b/exercises/ch-12-ex-2/completed/client.js
index 4b85e7c0..fb1e6812 100644
--- a/exercises/ch-12-ex-2/completed/client.js
+++ b/exercises/ch-12-ex-2/completed/client.js
@@ -175,7 +175,7 @@ var registerClient = function() {
 		redirect_uris: ['http://localhost:9000/callback'],
 		grant_types: ['authorization_code'],
 		response_types: ['code'],
-		token_endpoint_auth_method: 'secret_basic',
+		token_endpoint_auth_method: 'client_secret_basic',
 		scope: 'foo bar'
 	};
 
diff --git a/exercises/ch-6-ex-5/authorizationServer.js b/exercises/ch-6-ex-5/authorizationServer.js
index 131e6f03..1e9b4f55 100644
--- a/exercises/ch-6-ex-5/authorizationServer.js
+++ b/exercises/ch-6-ex-5/authorizationServer.js
@@ -569,12 +569,12 @@ var checkClientMetadata = function (req, res) {
 	var reg = {};
 
 	if (!req.body.token_endpoint_auth_method) {
-		reg.token_endpoint_auth_method = 'secret_basic';	
+		reg.token_endpoint_auth_method = 'client_secret_basic';	
 	} else {
 		reg.token_endpoint_auth_method = req.body.token_endpoint_auth_method;
 	}
 	
-	if (!__.contains(['secret_basic', 'secret_post', 'none'], reg.token_endpoint_auth_method)) {
+	if (!__.contains(['client_secret_basic', 'client_secret_post', 'none'], reg.token_endpoint_auth_method)) {
 		res.status(400).json({error: 'invalid_client_metadata'});
 		return;
 	}
@@ -651,7 +651,7 @@ app.post('/register', function (req, res){
 	}
 
 	reg.client_id = randomstring.generate();
-	if (__.contains(['secret_basic', 'client_secret_post']), reg.token_endpoint_auth_method) {
+	if (__.contains(['client_secret_basic', 'client_secret_post']), reg.token_endpoint_auth_method) {
 		reg.client_secret = randomstring.generate();
 	}
 
diff --git a/exercises/ch-7-ex-1/authorizationServer.js b/exercises/ch-7-ex-1/authorizationServer.js
index 63dd5732..af89c6f6 100644
--- a/exercises/ch-7-ex-1/authorizationServer.js
+++ b/exercises/ch-7-ex-1/authorizationServer.js
@@ -569,12 +569,12 @@ var checkClientMetadata = function (req, res) {
 	var reg = {};
 
 	if (!req.body.token_endpoint_auth_method) {
-		reg.token_endpoint_auth_method = 'secret_basic';	
+		reg.token_endpoint_auth_method = 'client_secret_basic';	
 	} else {
 		reg.token_endpoint_auth_method = req.body.token_endpoint_auth_method;
 	}
 	
-	if (!__.contains(['secret_basic', 'secret_post', 'none'], reg.token_endpoint_auth_method)) {
+	if (!__.contains(['client_secret_basic', 'client_secret_post', 'none'], reg.token_endpoint_auth_method)) {
 		res.status(400).json({error: 'invalid_client_metadata'});
 		return;
 	}
@@ -651,7 +651,7 @@ app.post('/register', function (req, res){
 	}
 
 	reg.client_id = randomstring.generate();
-	if (__.contains(['secret_basic', 'client_secret_post']), reg.token_endpoint_auth_method) {
+	if (__.contains(['client_secret_basic', 'client_secret_post']), reg.token_endpoint_auth_method) {
 		reg.client_secret = randomstring.generate();
 	}
 
diff --git a/exercises/ch-8-ex-1/authorizationServer.js b/exercises/ch-8-ex-1/authorizationServer.js
index ac2bdb89..6c8b0686 100644
--- a/exercises/ch-8-ex-1/authorizationServer.js
+++ b/exercises/ch-8-ex-1/authorizationServer.js
@@ -569,12 +569,12 @@ var checkClientMetadata = function (req, res) {
 	var reg = {};
 
 	if (!req.body.token_endpoint_auth_method) {
-		reg.token_endpoint_auth_method = 'secret_basic';	
+		reg.token_endpoint_auth_method = 'client_secret_basic';	
 	} else {
 		reg.token_endpoint_auth_method = req.body.token_endpoint_auth_method;
 	}
 	
-	if (!__.contains(['secret_basic', 'secret_post', 'none'], reg.token_endpoint_auth_method)) {
+	if (!__.contains(['client_secret_basic', 'client_secret_post', 'none'], reg.token_endpoint_auth_method)) {
 		res.status(400).json({error: 'invalid_client_metadata'});
 		return;
 	}
@@ -651,7 +651,7 @@ app.post('/register', function (req, res){
 	}
 
 	reg.client_id = randomstring.generate();
-	if (__.contains(['secret_basic', 'client_secret_post']), reg.token_endpoint_auth_method) {
+	if (__.contains(['client_secret_basic', 'client_secret_post']), reg.token_endpoint_auth_method) {
 		reg.client_secret = randomstring.generate();
 	}
 
diff --git a/exercises/ch-8-ex-1/client.js b/exercises/ch-8-ex-1/client.js
index 6e985412..840bae99 100644
--- a/exercises/ch-8-ex-1/client.js
+++ b/exercises/ch-8-ex-1/client.js
@@ -98,7 +98,7 @@ var registerClient = function() {
 		redirect_uris: ['http://localhost:9000/callback'],
 		grant_types: ['authorization_code'],
 		response_types: ['code'],
-		token_endpoint_auth_method: 'secret_basic',
+		token_endpoint_auth_method: 'client_secret_basic',
 		scope: 'openid profile email address phone'
 	};
 
diff --git a/exercises/ch-8-ex-2/authorizationServer.js b/exercises/ch-8-ex-2/authorizationServer.js
index ac2bdb89..6c8b0686 100644
--- a/exercises/ch-8-ex-2/authorizationServer.js
+++ b/exercises/ch-8-ex-2/authorizationServer.js
@@ -569,12 +569,12 @@ var checkClientMetadata = function (req, res) {
 	var reg = {};
 
 	if (!req.body.token_endpoint_auth_method) {
-		reg.token_endpoint_auth_method = 'secret_basic';	
+		reg.token_endpoint_auth_method = 'client_secret_basic';	
 	} else {
 		reg.token_endpoint_auth_method = req.body.token_endpoint_auth_method;
 	}
 	
-	if (!__.contains(['secret_basic', 'secret_post', 'none'], reg.token_endpoint_auth_method)) {
+	if (!__.contains(['client_secret_basic', 'client_secret_post', 'none'], reg.token_endpoint_auth_method)) {
 		res.status(400).json({error: 'invalid_client_metadata'});
 		return;
 	}
@@ -651,7 +651,7 @@ app.post('/register', function (req, res){
 	}
 
 	reg.client_id = randomstring.generate();
-	if (__.contains(['secret_basic', 'client_secret_post']), reg.token_endpoint_auth_method) {
+	if (__.contains(['client_secret_basic', 'client_secret_post']), reg.token_endpoint_auth_method) {
 		reg.client_secret = randomstring.generate();
 	}
 
diff --git a/exercises/ch-8-ex-3/authorizationServer.js b/exercises/ch-8-ex-3/authorizationServer.js
index ac2bdb89..6c8b0686 100644
--- a/exercises/ch-8-ex-3/authorizationServer.js
+++ b/exercises/ch-8-ex-3/authorizationServer.js
@@ -569,12 +569,12 @@ var checkClientMetadata = function (req, res) {
 	var reg = {};
 
 	if (!req.body.token_endpoint_auth_method) {
-		reg.token_endpoint_auth_method = 'secret_basic';	
+		reg.token_endpoint_auth_method = 'client_secret_basic';	
 	} else {
 		reg.token_endpoint_auth_method = req.body.token_endpoint_auth_method;
 	}
 	
-	if (!__.contains(['secret_basic', 'secret_post', 'none'], reg.token_endpoint_auth_method)) {
+	if (!__.contains(['client_secret_basic', 'client_secret_post', 'none'], reg.token_endpoint_auth_method)) {
 		res.status(400).json({error: 'invalid_client_metadata'});
 		return;
 	}
@@ -651,7 +651,7 @@ app.post('/register', function (req, res){
 	}
 
 	reg.client_id = randomstring.generate();
-	if (__.contains(['secret_basic', 'client_secret_post']), reg.token_endpoint_auth_method) {
+	if (__.contains(['client_secret_basic', 'client_secret_post']), reg.token_endpoint_auth_method) {
 		reg.client_secret = randomstring.generate();
 	}
 
diff --git a/exercises/ch-8-ex-3/client.js b/exercises/ch-8-ex-3/client.js
index 6e985412..840bae99 100644
--- a/exercises/ch-8-ex-3/client.js
+++ b/exercises/ch-8-ex-3/client.js
@@ -98,7 +98,7 @@ var registerClient = function() {
 		redirect_uris: ['http://localhost:9000/callback'],
 		grant_types: ['authorization_code'],
 		response_types: ['code'],
-		token_endpoint_auth_method: 'secret_basic',
+		token_endpoint_auth_method: 'client_secret_basic',
 		scope: 'openid profile email address phone'
 	};
 
diff --git a/exercises/ch-9-ex-1/client.js b/exercises/ch-9-ex-1/client.js
index bfd8795f..15276a33 100644
--- a/exercises/ch-9-ex-1/client.js
+++ b/exercises/ch-9-ex-1/client.js
@@ -98,7 +98,7 @@ var registerClient = function() {
 		redirect_uris: ['http://localhost:9000/callback'],
 		grant_types: ['authorization_code'],
 		response_types: ['code'],
-		token_endpoint_auth_method: 'secret_basic',
+		token_endpoint_auth_method: 'client_secret_basic',
 		scope: 'openid profile email address phone'
 	};
 
diff --git a/exercises/ch-9-ex-2/client.js b/exercises/ch-9-ex-2/client.js
index 8e7d7588..b9ead46a 100644
--- a/exercises/ch-9-ex-2/client.js
+++ b/exercises/ch-9-ex-2/client.js
@@ -98,7 +98,7 @@ var registerClient = function() {
 		redirect_uris: ['http://localhost:9000/callback'],
 		grant_types: ['authorization_code'],
 		response_types: ['code'],
-		token_endpoint_auth_method: 'secret_basic',
+		token_endpoint_auth_method: 'client_secret_basic',
 		scope: 'openid profile email address phone'
 	};