You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm working with an OAuth2 integration that does not require a redirect_uri as part of the Authorization Request and, in fact, will 500 if a redirect_uri is given as part of the Access Token POST.
According to the OAuth 2.0 spec the redirect_uri is optional as part of the Authorization Request and only required for the Access Token request if it was given as part of the Authorization Request. While this integration's implementation seems to treat the redirect_uri as forbidden rather than optional, the OAuth2 Strategy likewise does not appear to treat the redirect_uri as optional either.
In order to get around this, I am having to overwrite the build_access_token method. However, it would be nice if the redirect_uri could be configured so as to be completely optional and therefore not be included in the Authorization Request or the Access Token request.
The text was updated successfully, but these errors were encountered:
I'm working with an OAuth2 integration that does not require a
redirect_urias part of the Authorization Request and, in fact, will 500 if aredirect_uriis given as part of the Access Token POST.According to the OAuth 2.0 spec the
redirect_uriis optional as part of the Authorization Request and only required for the Access Token request if it was given as part of the Authorization Request. While this integration's implementation seems to treat theredirect_urias forbidden rather than optional, the OAuth2 Strategy likewise does not appear to treat theredirect_urias optional either.In order to get around this, I am having to overwrite the
build_access_tokenmethod. However, it would be nice if theredirect_uricould be configured so as to be completely optional and therefore not be included in the Authorization Request or the Access Token request.The text was updated successfully, but these errors were encountered: