feat: allowed_origin and redirect_uri wildcards

jazzband / django-oauth-toolkit

OAuth2 goodies for the Djangonauts!

https://django-oauth-toolkit.readthedocs.io

Other

3.16k stars 794 forks source link

feat: allowed_origin and redirect_uri wildcards #1508

Closed dopry closed 1 month ago

dopry commented 1 month ago

Fixes #1506

Description of the Change

Implement Wildcard support in allowed origins and redirect uris

Checklist

[X] PR only contains one change (considered splitting up PR)
[x] unit-test added
[X] documentation updated
[x] CHANGELOG.md updated (only for user relevant changes)
[X] author name in AUTHORS

dopry commented 1 month ago

@tonial

Maybe you could add a test to ensure that "https://*.example.com/*" and * are not valid redirect_uri.

* is a valid character in a uri path so https://*.example.com/* is valid, but is not treated as a wild card. I did add a test for just `` which raises invalid scheme