Update OAuth2.md

OAuth2.md

@@ -87,7 +87,7 @@ const loginWithGoogle = () => {
 The frontend must not directly exchange the `code` for an `access_token`. Instead, it sends the `code` to the backend via an API request.
 
 <details>
-<summary><h3>Example Frontend Code</h3></summary>
+<summary><h3>Frontend Code</h3></summary>
 
 ```js
 // On the backend callback URL, the frontend receives the authorization code
@@ -138,6 +138,9 @@ export default Callback;
 3. The backend ensures to never expose the client_secret to the frontend. This step should always be handled on the backend.
 4. The backend will exchange the `code` for an `access_token` and `refresh_token`, which are sent back to the frontend or stored securely for subsequent API calls.
 
+<details>
+<summary><h3>HTTP Request</h3></summary>
+
 - `HTTP` Method: POST
 - `URL`: https://oauth2.googleapis.com/token
 - `Headers`:
@@ -160,6 +163,8 @@ client_id=YOUR_GOOGLE_CLIENT_ID&
 client_secret=YOUR_GOOGLE_CLIENT_SECRET
 ```
 
+</details>
+
 <details>
 <summary><h3>Example Backend Code:</h3></summary>