This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note

Page References

Incoming links Outgoing links
Claimed Https Scheme URI Redirection
Claimed Https Scheme URI Redirection

Version management

Difference between version and

At line 1 added 35 lines
!!! Overview[1]
[{$pagename}] is defined in [OAuth 2.0 for Native Apps] ([RFC 8252])
Some operating systems allow apps to claim "https" scheme [RFC 7230] [URIs] in the domains they control. When the [browser] encounters a claimed [URI], instead of the page being loaded in the [browser], the
[native application] is launched with the [URI] supplied as a launch [parameter].
Such [URIs] can be used as [redirect_uris] by [native applications]. They are indistinguishable to the authorization server from a regular web-based client [redirect_uri]. An example is:
%%prettify
{{{
https://app.example.com/oauth2redirect/example-provider
}}}
/%
As the [redirect_uri] alone is not enough to distinguish [OAuth Public Client] [native applications] from [OAuth Confidential Client], it is [REQUIRED] in [RFC 8252] Section 8.4 that the [OAuth 2.0 Client Type] be recorded during [OAuth 2.0 Client Registration] to enable the [Authorization Server] to determine the [OAuth 2.0 Client Type] and act accordingly.
App-claimed "https" scheme redirect URIs have some advantages compared to other native app redirect options in that the identity of the destination app is guaranteed to the [Authorization Server] by the [Operating System]. For this reason, native apps [SHOULD] use them over the other options where possible.
%%information
[{$pagename}] uses [HTTPS] [URL redirection] and [Private-Use URI Scheme Redirection] uses [URI] (ie NOT [URL redirection]).
%%
!! [OAuth 2.0]
Apps on platforms that allow the user to disable this functionality, or lack it altogether __MUST__ fallback to using [custom URI schemes].
The [Authorization Server] __MUST__ allow the [registration|OAuth 2.0 Client Registration] of [HTTPS] [redirect_uri] for [OAuth Client] to support [{$pagename}].
Apps on platforms that allow the user to disable this functionality, or lack it altogether __MUST__ fallback to using [custom URI schemes].
The [Authorization Server] __MUST__ allow the [OAuth 2.0 Client Registration] of [HTTPS] [redirect_uri] for [non-confidential user-agents] to support [{$pagename}].
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
----
* [#1] - [OAuth 2.0 for Native Apps|https://tools.ietf.org/html/rfc8252#section-7.2|target='_blank'] - based on information obtained 2016-01-15
This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthorTop