You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Instead of defaulting to the URI::HTTPS builder and ignoring the provider URLs scheme, it seems to make more sense to use URI::HTTP and just pass in the scheme - in which case if the discovery endpoint provided uses HTTPS, it will be supported as such. Same for HTTP. I realize that enforcing SSL is a good practice for security, but it makes local development quite painful with your openid_connect library.
The text was updated successfully, but these errors were encountered:
Instead of defaulting to the URI::HTTPS builder and ignoring the provider URLs scheme, it seems to make more sense to use URI::HTTP and just pass in the scheme - in which case if the discovery endpoint provided uses HTTPS, it will be supported as such. Same for HTTP. I realize that enforcing SSL is a good practice for security, but it makes local development quite painful with your openid_connect library.
The text was updated successfully, but these errors were encountered: