New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Why invalid_client
& unauthorized_client
are non-redirectable?
#1578
Comments
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. |
Hey @nov We have to check git history and find changes author, I don't remember the reasons. Do we know what RFC says about such case(s)? |
Since
and |
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. |
no |
In
unauthorized_client
case, the combination of client_id & redirect_uri should be valid but the client isn't allowed to use the response_type.and
invalid_client
is error token response, not error authorization response.Why those two are defined as "un-redirectable"?
ref.)
doorkeeper/lib/doorkeeper/oauth/error_response.rb
Line 8 in 15ebd33
The text was updated successfully, but these errors were encountered: