Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
allow no redirect_uri to support cross-client exchange request #14
Google supports cross client authorization. See Cross-client access tokens section in https://developers.google.com/accounts/docs/CrossClientAuth. For example, if a user has an Android App with native Google+ login button, the app can sent a request for one-time-code that can be exchanged by a web app with different client id. This is very useful when there is a need to consume existing web services by a mobile applications. In that case the web app must submit the exchange request without any redirect_uri (“When the web component exchanges the code for tokens, it should not include the redirect_uri argument in the POST request.”).