theladyjaye
commented
9 years ago +1 I just ran into this same problem. I'm doing a desktop app (Cocoa) not an iOS app. Exactly the same situation though. For now I think I am just going to vendor this lib in and override:
https://github.com/caffeinehit/django-oauth2-provider/blob/master/provider/oauth2/models.py#L43
aka redirect_uri = models.URLField(help_text="Your application's callback URL")
basically going to subclass URLField and set the default_validators to use another custom subclass of URLValidator
it's common for mobile applications to use non-standard schemes that don't pass URLField's standard validations. iOS uses app specific schemes myapp://... and modern Windows uses ms-app://...
oauth2 provider works fine with these redirect_uri's set, but i have to go directly to the database to set them (going around the validations.)
really new Django allows a list of schemes to be passed to URLField/validators, but that won't really work here since iOS's schemes are app-specific. the only real solution i can think of is a more lenient URLField/validator for redirect_uri that doesn't check the scheme.
it could (perahps should) be an optional thing enabled with a setting, but i currently have run across several cases where i've had needed the ability to use a non-standard scheme.