[ https://issues.apache.org/jira/browse/OLTU-180?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14743269#comment-14743269 ]
Rikard Swahn commented on OLTU-180: ----------------------------------- Hehe, where is the source repo? Is it this: https://github.com/apache/oltu ? > Parameter redirect_uri is required for /token with > grant_type=authorization_code > -------------------------------------------------------------------------------- > > Key: OLTU-180 > URL: https://issues.apache.org/jira/browse/OLTU-180 > Project: Apache Oltu > Issue Type: Bug > Reporter: Rikard Swahn > > The parameter redirect_uri is required in Oltu for requests to /token with > grant_type=authorization_code. > It should only be required if it was also included in the previous > authorization request, see http://tools.ietf.org/html/rfc6749#page-29 > So AuthorizationCodeValidator should not add redirect_uri as a required > parameter uncondtionally. This parameter could for example be set as required > using some setting sent in to the OAuthTokenRequest constructor. -- This message was sent by Atlassian JIRA (v6.3.4#6332)