diff --git a/src/main/java/com/eactive/eai/authserver/custom/KjbMGOAuth2Controller.java b/src/main/java/com/eactive/eai/authserver/custom/KjbMGOAuth2Controller.java index 9f376ea..b151ac3 100644 --- a/src/main/java/com/eactive/eai/authserver/custom/KjbMGOAuth2Controller.java +++ b/src/main/java/com/eactive/eai/authserver/custom/KjbMGOAuth2Controller.java @@ -160,7 +160,7 @@ public class KjbMGOAuth2Controller { "Invalid Mandatory Field {client_secret}"); } - if (StringUtils.equals(clientDetails.getClientSecret(), clientSecret)) { + if (!StringUtils.equals(clientDetails.getClientSecret(), clientSecret)) { throw new JwtAuthException( String.format("%d%s%s", HttpStatus.UNAUTHORIZED.value(), SERVICE_CODE_ACCESS_TOKEN, "00"), "Unauthorized. [Bad client credentials(Client Secret is not match)]");