Open rmccue opened 7 years ago
Tokens\Authorization_Code::validate takes an $args parameter, but we a) don't pass any data in, and b) don't do anything with it. 🙃
Tokens\Authorization_Code::validate
$args
Per the spec, we need to validate redirect_uri matched what was passed with the original authorisation request.
redirect_uri
(Noticed by @tfrommen in #8.)
rmccue
commented
7 years ago rmccue
commented
7 years ago
Tokens\Authorization_Code::validatetakes an$argsparameter, but we a) don't pass any data in, and b) don't do anything with it. 🙃Per the spec, we need to validate
redirect_urimatched what was passed with the original authorisation request.