From a506fdacaf96f6e5e1af53d93b2b7b02d0e5a837 Mon Sep 17 00:00:00 2001
From: Dmitriy Krasilnikov <krasilnikov.d.o@gmail.com>
Date: Tue, 18 Nov 2014 18:02:44 +0800
Subject: [PATCH] Allowed RedirectURIs fixed

---
 oauth2_provider/models.py | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/oauth2_provider/models.py b/oauth2_provider/models.py
index 351eb7c78..0f9d774a9 100644
--- a/oauth2_provider/models.py
+++ b/oauth2_provider/models.py
@@ -93,7 +93,10 @@ def redirect_uri_allowed(self, uri):
 
         :param uri: Url to check
         """
-        return uri in self.redirect_uris.split()
+        for allowed_uri in self.redirect_uris.split():
+            if uri.startswith(allowed_uri):
+                return True
+        return False
 
     def clean(self):
         from django.core.exceptions import ValidationError
@@ -148,7 +151,7 @@ def is_expired(self):
         return timezone.now() >= self.expires
 
     def redirect_uri_allowed(self, uri):
-        return uri == self.redirect_uri
+        return uri.split('?')[0] == self.redirect_uri.split('?')[0]
 
     def __str__(self):
         return self.code