From f600e92b42b83984d92e9662c9e513beefb51ad4 Mon Sep 17 00:00:00 2001
From: M Hickford <mirth.hickford@gmail.com>
Date: Fri, 23 Feb 2024 22:29:47 +0000
Subject: [PATCH] Omit GitLab client secret

Secret is superfluous for GitLab PKCE https://docs.gitlab.com/ee/api/oauth2.html#authorization-code-with-proof-key-for-code-exchange-pkce
---
 src/shared/GitLab/GitLabConstants.cs    | 1 -
 src/shared/GitLab/GitLabOAuth2Client.cs | 3 ++-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/shared/GitLab/GitLabConstants.cs b/src/shared/GitLab/GitLabConstants.cs
index a686ece7a..69f1f9b9e 100644
--- a/src/shared/GitLab/GitLabConstants.cs
+++ b/src/shared/GitLab/GitLabConstants.cs
@@ -10,7 +10,6 @@ public static class GitLabConstants
 
         // Owned by https://gitlab.com/gitcredentialmanager
         public const string OAuthClientId = "172b9f227872b5dde33f4d9b1db06a6a5515ae79508e7a00c973c85ce490671e";
-        public const string OAuthClientSecret = "7da92770d1447508601e4ba026bc5eb655c8268e818cd609889cc9bae2023f39";
 
         public static readonly Uri OAuthRedirectUri = new Uri("http://127.0.0.1/");
         // https://docs.gitlab.com/ee/api/oauth2.html#authorization-code-flow
diff --git a/src/shared/GitLab/GitLabOAuth2Client.cs b/src/shared/GitLab/GitLabOAuth2Client.cs
index 3b146aaeb..ba72f5b41 100644
--- a/src/shared/GitLab/GitLabOAuth2Client.cs
+++ b/src/shared/GitLab/GitLabOAuth2Client.cs
@@ -59,7 +59,8 @@ private static string GetClientSecret(ISettings settings)
                 return clientSecret;
             }
 
-            return GitLabConstants.OAuthClientSecret;
+            // no secret necessary
+            return null;
         }
     }
 }