Hi Farasath,
On Wed, May 24, 2017 at 8:53 PM, Farasath Ahamed <[email protected]> wrote: > Hi, > > I noticed that 'redirect_uri' is an OPTIONAL parameter according to > spec[1]. > > And also in the subsequent token request 'redirect_uri' becomes a > mandatory parameter only if it was sent in the initial authorization > request[2]. > > I tested this on IS 5.3.0 fresh pack, and it gives > > *invalid_request * > Redirect URI is not present in the authorization request > > which means we make the redirect_uri mandatory. > > Should we fix this behaviour? > WDYT? > Yes. According to the spec, we have to fix that. Create a public jiraa [1] to track. Thanks Isura. [1] https://wso2.org/jira/browse/IDENTITY-5977 > > > [1] https://tools.ietf.org/html/rfc6749#section-4.1.1 > [2] https://tools.ietf.org/html/rfc6749#section-4.1.3 > > > Thanks, > Farasath Ahamed > Software Engineer, WSO2 Inc.; http://wso2.com > Mobile: +94777603866 > Blog: blog.farazath.com > Twitter: @farazath619 <https://twitter.com/farazath619> > <http://wso2.com/signature> > > > > _______________________________________________ > Dev mailing list > [email protected] > http://wso2.org/cgi-bin/mailman/listinfo/dev > > -- *Isura Dilhara Karunaratne* Senior Software Engineer | WSO2 Email: [email protected] Mob : +94 772 254 810 Blog : http://isurad.blogspot.com/
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
