Closed
Description
Now client credentials are kept in clear text and verified using simple string comparison. Provide possibility to inject proper PasswordEncoder implementation.
I've implemented this feature, it can be submitted for review/PR. As this is small change, please let me know if it is possible to submit it in current cycle - if so, I'll issue PR.
Implementation is here: https://github.com/rlewczuk/spring-authorization-server/tree/gh-271-secret-encoder