diff --git a/auth-server/src/main/java/org/example/authserver/PublicClientRefreshTokenAuthenticationConverter.java b/auth-server/src/main/java/org/example/authserver/PublicClientRefreshTokenAuthenticationConverter.java
index 72ea8a1..defcded 100644
--- a/auth-server/src/main/java/org/example/authserver/PublicClientRefreshTokenAuthenticationConverter.java
+++ b/auth-server/src/main/java/org/example/authserver/PublicClientRefreshTokenAuthenticationConverter.java
@@ -36,7 +36,7 @@ public Authentication convert(HttpServletRequest request) {
 
         // client_secret (Should not be present)
         String clientSecret = request.getParameter(OAuth2ParameterNames.CLIENT_SECRET);
-        if (!StringUtils.hasText(clientSecret)) {
+        if (StringUtils.hasText(clientSecret)) {
             return null;
         }