invalid Client for exchange code _ identityserver3 _ AppAuth

I'm using AppAuth framework for authentication in my Swift app, I can login but after login and coming back to my app, I can't exchange the code and get error invalid client.

My client configuration is:

var client = new Client
{
    ClientId = "IOS.Client",
    ClientName = "IOS Client",
    RedirectUris = { "com.mysite.accounts:/oauthredirect" },
    AllowedGrantTypes = GrantTypes.Code, //AuthorizationCode
    AllowedScopes = { "openid", "profile", "offline_access" },
};

I set ClientSecret (SHA-256) and my ClientId is ok but I get error invalid client.

I checked my logs and there is an error: secret validators could not validate secret

what's wrong?

Solution

When using IdentityServer3 and AppAuth you should not use special characters in ClientSecret and set your grant AuthorizationCodeWithProofKey.

this link is useful

OWIN middleware for OpenID Connect - Code flow ( Flow type - AuthorizationCode) documentation?
How to invoke a NSwag client method that needs bearer token on request header?
How should a message queue consumer impersonate a user in Identity Server 3 in a microservices environment?
Validating access token with at_hash
Looping custom claims on login - Asp.net core
Forward Bearer Token IdentityServer Web-API
CORS in Ajax-requests against an MVC controller with IdentityServer3-authorization
Identity Server - Multiple users with different access levels on different accounts
Connecting .net 6 application with Identity Server 3
How to use IdentityServer3 with ASP.NET Core Client?
Can MSAL be used with my own authority (e.g. IdentityServer)
iframe session issue in OIDC client
Identity server 3 Windows authentication not working with current user
Transforming Open Id Connect claims in ASP.Net Core
Upgrading SustainSys.Saml2 from v1 to v2 - Set Audience Restriction
OWIN OpenIdConnect Middleware IDX10311 nonce cannot be validated
Identity Server : Grant Type for native mobile apps
Trouble authorizing .NET 5 Web API reference tokens to IdentityServer3 using IdentityServer4.AccessTokenValidation package
Why is IdentityServer redirecting to http rather than https?
protect asp.net web api 2 project with identity server 4
Multiple IdentityServer Federation : Error Unable to unprotect the message.State
.net 4.6 web api2 401 Unauthorized with identity server 4
External login (via ADFS) from identity server3 responds with http status code 504
IdentityServer3 and external login through OpenIDConnect
Identity Server 3 - The client application is not known or is not authorized
Use IdentityServer3.AccessTokenValidation in ASP.Net web api to talk to IDS4
What OAuth flow to use for Multiple APIs
Postman Bad Request - Request Too Long
IdentityServer4 IdentityServer3.AccessTokenValidation
Identity Server Endpoints OIDC