Open Akhil-Suden opened 1 year ago
The same doubt, whether there is a relevant answer. redirect_uri legitimacy check needs to be done by the programmer?
I solved the doubts, this ValidateURIHandler will check whether the redirect_uri is legal, you can customize
In method, ValidationTokenRequest(), redirect_uri is not compared against configured value for the client id. It should return error if redirect_uri value not matches the configured value.