jazzband / django-oauth-toolkit

OAuth2 goodies for the Djangonauts!
https://django-oauth-toolkit.readthedocs.io

redirect uri debugging #681

Open rafahsolis opened 5 years ago

rafahsolis commented 5 years ago

Hi, it would be nice if the "Mismatching redirect URI." error included the allowed redirect URIs and the actual redirect URI in debug mode or via the logger (I had to edit oauth2_provider.models.AbstractApplication.redirect_uri_allowed() and include some prints to debug this error).

ljluestc commented 11 months ago

In OAuth 2.0, the redirect URI is an essential parameter for security, as it helps prevent attacks like authorization code interception. However, sometimes misconfigurations or discrepancies can occur with the redirect URIs, leading to the "Mismatching redirect URI" error.

As you've already done some custom modifications to the oauth2_provider.models.AbstractApplication.redirect_uri_allowed() method to include debug prints, it might be useful to log additional information like allowed redirect URIs and the actual redirect URI when this error occurs. This way, developers can have more insight into the cause of the mismatch.

To make this suggestion actionable, consider creating a feature request in the Django OAuth Toolkit repository on GitHub. Explain the need for more detailed information when encountering the "Mismatching redirect URI" error and how it can aid developers in troubleshooting.

While making changes to the core library might take time and consideration, providing additional debug information through logs or debug mode could be a valuable enhancement for developers working with Django OAuth Toolkit. The maintainers can review your proposal, and if deemed appropriate, it might be implemented in a future version of the library.
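
The kind of diagnostic requested in this issue, as an added stand-alone sketch that is not code from django-oauth-toolkit or from either commenter: it reports which URI component differs and logs both sides at DEBUG level. The function names, the logger name, the exact-match comparison and the space-separated allow-list are assumptions made for the example.

```python
import logging
from urllib.parse import urlsplit

logger = logging.getLogger("redirect_uri_debug")  # hypothetical logger name

# Constructed sample: allow-list stored as one space-separated string (assumption).
SAMPLE_ALLOWED = "https://app.example.com/callback https://app.example.com/oauth/done"


def _clean(value, limit=200):
    """Make a client-supplied value safe to log: bounded length, CR/LF escaped."""
    return repr(value[:limit])


def explain_mismatch(requested, allowed):
    """Name the URI components in which `requested` differs from `allowed`."""
    try:
        req, ref = urlsplit(requested), urlsplit(allowed)
    except ValueError:  # e.g. a malformed IPv6 host
        return ["unparsable"]
    parts = [name for name in ("scheme", "netloc", "path", "query", "fragment")
             if getattr(req, name) != getattr(ref, name)]
    # urlsplit lowercases the scheme, so the strings can differ with no part differing.
    return parts or ["raw string"]


def check_redirect_uri(requested, allowed_field):
    """Exact-match check (assumption); on failure, log and return the differences."""
    allowed = allowed_field.split()
    if requested in allowed:
        return True, {}
    report = {uri: explain_mismatch(requested, uri) for uri in allowed}
    # DEBUG level only: the allow-list goes to server logs, never into the
    # error response sent to the client.
    logger.debug("Mismatching redirect URI: got %s, allowed %s, differs in %s",
                 _clean(requested), [_clean(u) for u in allowed], report)
    return False, report


if __name__ == "__main__":
    logging.basicConfig(level=logging.DEBUG)
    for uri in ("https://app.example.com/callback/",
                "http://app.example.com:8000/callback"):
        print(uri, check_redirect_uri(uri, SAMPLE_ALLOWED))
```

A trailing slash shows up as a `path` difference and an `http`/`https` mix-up as a `scheme` difference, the two misconfigurations such a log line makes quickest to spot.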