My client uses the authorization code flow, and has a requirement that the authorization URL be HTTP (no HTTPS/TLS). The communication is secured by other means (usually a middleware will redirect to HTTPS).
The redirect URI is a local URL schema (e.g. myapp://oauth2/code), the token URI is HTTPS.
I can't currently use the library because, it will complain that I must use TLS, even for the authorization URL.
Is there some way to opt-out of the HTTPS/SSL/TLS check for the authorization URI?
My client uses the authorization code flow, and has a requirement that the authorization URL be HTTP (no HTTPS/TLS). The communication is secured by other means (usually a middleware will redirect to HTTPS).
The redirect URI is a local URL schema (e.g. myapp://oauth2/code), the token URI is HTTPS.
I can't currently use the library because, it will complain that I must use TLS, even for the authorization URL.
Is there some way to opt-out of the HTTPS/SSL/TLS check for the authorization URI?