[jira] [Commented] (OLTU-180) Parameter redirect_uri is required for /token with grant_type=authorization_code

Antonio Sanso (JIRA) Mon, 14 Sep 2015 02:21:13 -0700

    [ 
https://issues.apache.org/jira/browse/OLTU-180?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14743217#comment-14743217
 ]


Antonio Sanso commented on OLTU-180:
------------------------------------

[~rikard] thanks for reporting. Hint: patch are always appreciated :)

> Parameter redirect_uri is required for /token with 
> grant_type=authorization_code
> --------------------------------------------------------------------------------
>
>                 Key: OLTU-180
>                 URL: https://issues.apache.org/jira/browse/OLTU-180
>             Project: Apache Oltu
>          Issue Type: Bug
>            Reporter: Rikard Swahn
>
> The parameter redirect_uri is required in Oltu for requests to /token with 
> grant_type=authorization_code.
> It should only be required if it was also included in the previous 
> authorization request, see http://tools.ietf.org/html/rfc6749#page-29
> So AuthorizationCodeValidator should not add redirect_uri as a required 
> parameter uncondtionally. This parameter could for example be set as required 
> using some setting sent in to the OAuthTokenRequest constructor.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (OLTU-180) Parameter redirect_uri is required for /token with grant_type=authorization_code

Reply via email to