mod_http_oauth2: Validate redirect URI depending on application type Per https://openid.net/specs/openid-connect-registration-1_0.html require that web applications use https:// and native applications must use either http://localhost or a custom (non-https) URI. Previous requirement that hostname matches that of client_uri is kept for web applications.

---
summary: Extra verbose logging of sent and received
---

Summary
=======

Sometimes it is useful to get the raw XML logs from clients for
debugging purposes, but some clients don't expose this.

This module logs dumps everything sent and received into debug logs, for
debugging purposes.