New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
OAuth2 Plugin: Support Custom Redirect URIs for the Authentication Request #1397
Comments
@nikz this is currently possible on the |
@nikz do you confirm? |
@thefosk not quite - https://github.com/Mashape/kong/blob/master/kong/plugins/oauth2/access.lua#L159 matches the redirect URI exactly, whereas for Github for example only the host and port must match. |
What's the thinking around this? I'm getting ready to start working on a PR to allow the redirect URI to be a regex and would appreciate any input on what not to do. I imagine we don't want to change this behavior out from under existing implementations, so some kind of toggle would be useful? |
It seems that interest in this has died out and #2746 was not merged. Closing this issue. |
In the OAuth2 Authorization code flow, it's possible to specify a Redirect URI during the Authorization Request phase.
This would be really useful for dynamic redirection.
There are also more details about the redirect URL requirements here: https://tools.ietf.org/html/rfc6749#section-3.1.2
The text was updated successfully, but these errors were encountered: