From a37e01df6b8c10525ea4311344959fe5273059c1 Mon Sep 17 00:00:00 2001
From: vnugent <public@vaughnnugent.com>
Date: Sat, 25 Mar 2023 14:25:21 -0400
Subject: Defer cors to host/middleware/user code

---
 .../src/Endpoints/AccessTokenEndpoint.cs                          | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'libs/VNLib.Plugins.Sessions.OAuth/src/Endpoints')

diff --git a/libs/VNLib.Plugins.Sessions.OAuth/src/Endpoints/AccessTokenEndpoint.cs b/libs/VNLib.Plugins.Sessions.OAuth/src/Endpoints/AccessTokenEndpoint.cs
index 9f0f35d..a867152 100644
--- a/libs/VNLib.Plugins.Sessions.OAuth/src/Endpoints/AccessTokenEndpoint.cs
+++ b/libs/VNLib.Plugins.Sessions.OAuth/src/Endpoints/AccessTokenEndpoint.cs
@@ -54,11 +54,11 @@ namespace VNLib.Plugins.Sessions.OAuth.Endpoints
         private readonly Task<ReadOnlyJsonWebKey?> JWTVerificationKey;
 
         //override protection settings to allow most connections to authenticate
+        ///<inheritdoc/>
         protected override ProtectionSettings EndpointProtectionSettings { get; } = new()
         {
             DisableBrowsersOnly = true,
-            DisableSessionsRequired = true,
-            DisableVerifySessionCors = true
+            DisableSessionsRequired = true
         };
 
         public AccessTokenEndpoint(PluginBase pbase, IConfigScope config)
@@ -120,8 +120,8 @@ namespace VNLib.Plugins.Sessions.OAuth.Endpoints
                     }
 
                     //Convert the clientid and secret to lowercase
-                    clientId = clientId.ToLower();
-                    secret = secret.ToLower();
+                    clientId = clientId.ToLower(null);
+                    secret = secret.ToLower(null);
 
                     //Convert secret to private string that is unreferrenced
                     using PrivateString secretPv = new(secret, false);
-- 
cgit