- Notifications
You must be signed in to change notification settings - Fork1.1k
refactor: replace OAuth2 callback_url with RFC 6749 compliant redirect_uris#18810
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.
Already on GitHub?Sign in to your account
Open
ThomasK33 wants to merge1 commit intothomask33/07-07-feat_standardize_oauth2_endpoints_and_add_token_revocationChoose a base branch
base:thomask33/07-07-feat_standardize_oauth2_endpoints_and_add_token_revocation
Could not load branches
Branch not found:{{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline, and old review comments may become outdated.
Uh oh!
There was an error while loading.Please reload this page.
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.Learn more about bidirectional Unicode characters
MemberAuthor
ThomasK33 commentedJul 9, 2025 • edited
Loading Uh oh!
There was an error while loading.Please reload this page.
edited
Uh oh!
There was an error while loading.Please reload this page.
Warning This pull request is not mergeable via GitHub because a downstack PR is open. Once all requirements are satisfied, merge this PR as a stackon Graphite.
This stack of pull requests is managed byGraphite. Learn more aboutstacking. |
dd9cb2f toae754f4Comparef9e6552 to1444efeCompare1444efe toef4a6c8Compareef4a6c8 toe24c4b5Comparee24c4b5 to98e7f95Compareab73979 tob89c367Compareb89c367 tob73b71dCompare98e7f95 to2792051Compare This was referencedJul 14, 2025
2792051 to3dd0c37Compare386d77d tob58eed8Compare3dd0c37 to962c22cCompare055d631 tobdc94d5Compare9dfcc8a toaca2f6aComparebdc94d5 to67bf443Compareaca2f6a to35d7f5aCompare35d7f5a to8b4b6f0Compare67bf443 to7b4150aCompare8b4b6f0 to81adc67Compare7b4150a tobe56098Compare…plianceChange-Id: I4823e475777ebdf75e3a80e47ff6bef1a556cd55Signed-off-by: Thomas Kosiewski <tk@coder.com>
be56098 tod00dd0bCompareSign up for freeto join this conversation on GitHub. Already have an account?Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
RFC 6749 Compliance: Replace callback_url with redirect_uris Array
This PR improves OAuth2 provider compliance with RFC 6749 by replacing the single
callback_urlfield with a properredirect_urisarray. This change allows OAuth2 clients to register multiple valid redirect URIs and enforces exact URI matching as required by the specification.Key changes:
callback_urlcolumn and makeredirect_uristhe source of truthThis change improves security by enforcing stricter redirect URI validation and provides more flexibility for OAuth2 clients that need multiple callback endpoints.