Comparison

mod_http_oauth2/README.markdown @ 5562:734788d8bfc3

mod_http_oauth2: Rearrange description of redirect URIs requirements So that they're in one place only instead of sorta twice.
author Kim Alvefur <zash@zash.se>
date Thu, 22 Jun 2023 21:59:49 +0200
parent 5561:d6ab6f0bd96e
child 5592:59acf7f540c1
comparison
equal deleted inserted replaced
5561:d6ab6f0bd96e 5562:734788d8bfc3
129 : **MUST** be present and **MUST** be a `https://` URL. 129 : **MUST** be present and **MUST** be a `https://` URL.
130 130
131 `redirect_uris` 131 `redirect_uris`
132 132
133 : **MUST** contain at least one valid URI. Different rules apply 133 : **MUST** contain at least one valid URI. Different rules apply
134 depending on the value of `application_type`: 134 depending on the value of `application_type`, see below.
135 135
136 `web` 136 `application_type`
137 : `redirect_uris` **MUST** be `https://` URIs and **MUST** use the 137
138 same hostname part as the `client_uri`. 138 : Optional, defaults to `web`. Determines further restrictions for
139 `redirect_uris`. The following values are supported:
140
141 `web` *(default)*
142 : For web clients. With this, `redirect_uris` **MUST** be
143 `https://` URIs and **MUST** use the same hostname part as the
144 `client_uri`.
139 145
140 `native` 146 `native`
141 147
142 : `redirect_uris` **MUST** match one of: 148 `native`
149
150 : For native e.g. desktop clients etc. `redirect_uris` **MUST**
151 match one of:
143 152
144 - Loopback HTTP URI, e.g. `http://127.0.0.1/` or 153 - Loopback HTTP URI, e.g. `http://127.0.0.1/` or
145 `http://[::1]` 154 `http://[::1]`
146 - Application-specific scheme, e.g. `com.example.app:/` 155 - Application-specific scheme, e.g. `com.example.app:/`
147 - The special OOB URI `urn:ietf:wg:oauth:2.0:oob` 156 - The special OOB URI `urn:ietf:wg:oauth:2.0:oob`
148
149 `application_type`
150
151 : Optional, defaults to `web`. Determines further restrictions for
152 `redirect_uris`. The following values are supported:
153
154 `web` *(default)*
155 : For web clients.
156
157 `native`
158 : For native e.g. desktop clients etc.
159 157
160 `tos_uri`, `policy_uri` 158 `tos_uri`, `policy_uri`
161 : Informative URLs pointing to Terms of Service and Service Policy 159 : Informative URLs pointing to Terms of Service and Service Policy
162 document **MUST** use the same scheme (i.e. `https://`) and hostname 160 document **MUST** use the same scheme (i.e. `https://`) and hostname
163 as the `client_uri`. 161 as the `client_uri`.