Thanks Johann and Pushpalanka. Updated [1] with details. [1] - https://wso2.org/jira/browse/IDENTITY-5879
On Tue, Apr 25, 2017 at 8:19 PM, Pushpalanka Jayawardhana <[email protected]> wrote: > Hi, > > On Tue, Apr 25, 2017 at 7:51 PM, Johann Nallathamby <[email protected]> > wrote: > >> +1. However we have to make sure that if we update the application with >> authorization_code or implicit grant type, then we have to validate that at >> least one redirect_uri is also provided. >> >> Regards, >> Johann. >> >> On Tue, Apr 25, 2017 at 5:46 PM, Nuwandi Wickramasinghe < >> [email protected]> wrote: >> >>> Hi, >>> >>> As per the DCR implementation in WSO2 IS 5.3.0, it is mandatory to send >>> at least one redirect uri for any grant type and otherwise will give >>> following error response. >>> >>> { >>> "error_description": "RedirectUris property must have at least one URI >>> value.", >>> "error": "invalid_client_metadata" >>> } >>> >>> >>> AFAIU there is no significance of a redirect URI for grant types that do >>> not have a redirection in the flow. Shall we allow client registration >>> without redirect URI for the other grant types such as password, client >>> credentials and SAML2 >>> >>> [1] states that >>> >>> The implementation and use of all client metadata >>> fields is OPTIONAL, unless stated otherwise. >>> >>> >>> .. >>> >>> >>> redirect_uris >>> Array of redirection URI strings for use in redirect-based flows >>> such as the authorization code and implicit flows. As required by >>> Section 2 <https://tools.ietf.org/html/rfc7591#section-2> of OAuth >>> 2.0 [RFC6749 <https://tools.ietf.org/html/rfc6749>], clients using flows >>> with >>> redirection MUST register their redirection URI values. >>> Authorization servers that support dynamic registration for >>> redirect-based flows MUST implement support for this metadata >>> value. >>> >>> >>> [1] https://tools.ietf.org/html/rfc7591#section-2 >>> >> +1. > We already have a task to track and fix on these compliancy issues as at > [1]. Please create or add these details there too, so we can make sure we > address this and rectify. > > [1] - https://wso2.org/jira/browse/IDENTITY-5879 > >> >>> >>> -- >>> >>> Best Regards, >>> >>> Nuwandi Wickramasinghe >>> >>> Software Engineer >>> >>> WSO2 Inc. >>> >>> Web : http://wso2.com >>> >>> Mobile : 0719214873 <071%20921%204873> >>> >> >> >> >> -- >> Thanks & Regards, >> >> *Johann Dilantha Nallathamby* >> Technical Lead & Product Lead of WSO2 Identity Server >> Governance Technologies Team >> WSO2, Inc. >> lean.enterprise.middleware >> >> Mobile - *+94777776950* >> Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>* >> > > > > -- > Pushpalanka. > -- > Pushpalanka Jayawardhana, B.Sc.Eng.(Hons). > Senior Software Engineer, WSO2 Lanka (pvt) Ltd; wso2.com/ > Mobile: +94779716248 > Blog: pushpalankajaya.blogspot.com/ | LinkedIn: lk.linkedin.com/in/p > ushpalanka/ | Twitter: @pushpalanka > > -- Best Regards, Nuwandi Wickramasinghe Software Engineer WSO2 Inc. Web : http://wso2.com Mobile : 0719214873
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
