Mercurial > prosody-modules
comparison mod_http_oauth2/README.markdown @ 5562:734788d8bfc3
mod_http_oauth2: Rearrange description of redirect URIs requirements
So that they're in one place only instead of sorta twice.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Thu, 22 Jun 2023 21:59:49 +0200 |
| parents | d6ab6f0bd96e |
| children | 59acf7f540c1 |
comparison
equal
deleted
inserted
replaced
| 5561:d6ab6f0bd96e | 5562:734788d8bfc3 |
|---|---|
| 129 : **MUST** be present and **MUST** be a `https://` URL. | 129 : **MUST** be present and **MUST** be a `https://` URL. |
| 130 | 130 |
| 131 `redirect_uris` | 131 `redirect_uris` |
| 132 | 132 |
| 133 : **MUST** contain at least one valid URI. Different rules apply | 133 : **MUST** contain at least one valid URI. Different rules apply |
| 134 depending on the value of `application_type`: | 134 depending on the value of `application_type`, see below. |
| 135 | 135 |
| 136 `web` | 136 `application_type` |
| 137 : `redirect_uris` **MUST** be `https://` URIs and **MUST** use the | 137 |
| 138 same hostname part as the `client_uri`. | 138 : Optional, defaults to `web`. Determines further restrictions for |
| 139 `redirect_uris`. The following values are supported: | |
| 140 | |
| 141 `web` *(default)* | |
| 142 : For web clients. With this, `redirect_uris` **MUST** be | |
| 143 `https://` URIs and **MUST** use the same hostname part as the | |
| 144 `client_uri`. | |
| 139 | 145 |
| 140 `native` | 146 `native` |
| 141 | 147 |
| 142 : `redirect_uris` **MUST** match one of: | 148 `native` |
| 149 | |
| 150 : For native e.g. desktop clients etc. `redirect_uris` **MUST** | |
| 151 match one of: | |
| 143 | 152 |
| 144 - Loopback HTTP URI, e.g. `http://127.0.0.1/` or | 153 - Loopback HTTP URI, e.g. `http://127.0.0.1/` or |
| 145 `http://[::1]` | 154 `http://[::1]` |
| 146 - Application-specific scheme, e.g. `com.example.app:/` | 155 - Application-specific scheme, e.g. `com.example.app:/` |
| 147 - The special OOB URI `urn:ietf:wg:oauth:2.0:oob` | 156 - The special OOB URI `urn:ietf:wg:oauth:2.0:oob` |
| 148 | |
| 149 `application_type` | |
| 150 | |
| 151 : Optional, defaults to `web`. Determines further restrictions for | |
| 152 `redirect_uris`. The following values are supported: | |
| 153 | |
| 154 `web` *(default)* | |
| 155 : For web clients. | |
| 156 | |
| 157 `native` | |
| 158 : For native e.g. desktop clients etc. | |
| 159 | 157 |
| 160 `tos_uri`, `policy_uri` | 158 `tos_uri`, `policy_uri` |
| 161 : Informative URLs pointing to Terms of Service and Service Policy | 159 : Informative URLs pointing to Terms of Service and Service Policy |
| 162 document **MUST** use the same scheme (i.e. `https://`) and hostname | 160 document **MUST** use the same scheme (i.e. `https://`) and hostname |
| 163 as the `client_uri`. | 161 as the `client_uri`. |