Update OAuth2.md

OAuth2.md

@@ -190,17 +190,6 @@ export default Callback;
 <details>
 <summary><h3>Backend HTTP POST Request to Google</h3></summary>
 
-- `HTTP` Method: POST
-- `URL`: https://oauth2.googleapis.com/token
-- `Headers`:
-    - `Content`-Type: application/x-www-form-urlencoded
-- `Body` Parameters:
-    - `grant_type`=authorization_code: This specifies the grant type.
-    - `code`: The authorization code you received in the previous step.
-    - `redirect_uri`: The same redirect URI used in the authorization request.
-    - `client_id`: Your Google API client ID.
-    - `client_secret`: Your Google API client secret (which should be kept secure).
-
 ```sh
 POST https://oauth2.googleapis.com/token
 Content-Type: application/x-www-form-urlencoded
@@ -212,6 +201,17 @@ client_id=ABC34JHS9D&
 client_secret=PASS1234
 ```
 
+- `HTTP Method`: POST
+- `URL`: https://oauth2.googleapis.com/token
+- Headers
+    - `Content-Type`: application/x-www-form-urlencoded
+- Body
+    - `grant_type`=authorization_code: This specifies the grant type.
+    - `code`: The authorization code you received in the previous step.
+    - `redirect_uri`: The same redirect URI used in the authorization request.
+    - `client_id`: Your Google API client ID.
+    - `client_secret`: Your Google API client secret (which should be kept secure).
+
 </details>
 
 <details>
@@ -287,7 +287,9 @@ app.listen(3000, () => {
 
 Once the backend exchanges the `code` for the `access_token`,
 
-the frontend can use it to make authenticated requests to the backend or Google APIs
+incude these tokens to POST reponse recieved from frontend,
+
+so that the frontend can use it to make authenticated requests to the backend or Google APIs
 
 <details>
 <summary><h3>Frontend HTTP GET Request to Backend</h3></summary>