Skip to content

Require redirect_uri if multiple URIs are registered #981

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
Oct 26, 2021
Merged

Require redirect_uri if multiple URIs are registered #981

merged 5 commits into from
Oct 26, 2021

Conversation

dylantack
Copy link
Contributor

@dylantack dylantack commented May 28, 2021
edited
Loading

Description of the Change

https://datatracker.ietf.org/doc/html/rfc6749#section-3.1.2.3

If multiple redirection URIs have been registered... the client MUST include a redirection URI with the authorization request using the "redirect_uri" request parameter.

This fixes a bug where the first registered URI was used as the default.

Checklist

  • PR only contains one change (considered splitting up PR)
  • unit-test added
  • documentation updated
  • CHANGELOG.md updated (only for user relevant changes)
  • author name in AUTHORS

dylantack pushed a commit to dylantack/django-oauth-toolkit that referenced this pull request May 28, 2021
update changelog for django-oauth#981
aa50c78
@dylantack dylantack force-pushed the require_redirect_uri_if_multiple branch from aa50c78 to bc92f2f Compare May 28, 2021 02:15
@codecov
Copy link

codecov bot commented Jun 18, 2021
edited
Loading

Codecov Report

Merging #981 (7346d2f) into master (4384566) will increase coverage by 0.00%.
The diff coverage is 100.00%.

Impacted file tree graph

@@           Coverage Diff           @@
##           master     #981   +/-   ##
=======================================
  Coverage   96.58%   96.59%           
=======================================
  Files          31       31           
  Lines        1729     1733    +4     
=======================================
+ Hits         1670     1674    +4     
  Misses         59       59
Impacted Files Coverage Δ
oauth2_provider/models.py 98.69% <100.00%> (+0.01%) ⬆️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 4384566...7346d2f. Read the comment docs.

auvipy
auvipy suggested changes Oct 19, 2021
View reviewed changes
@auvipy auvipy merged commit ab74586 into django-oauth:master Oct 26, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@auvipy auvipy auvipy approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@dylantack @auvipy