redirect_uri is mandatory
sfarkas1988 opened this issue · comments
According to the changelog, redirect_uri became mandatory:
https://github.com/thephpleague/oauth2-server/blob/master/CHANGELOG.md#830---released-2021-06-03
But in the documentation you mention redirect_uri is optional: https://oauth2.thephpleague.com/authorization-server/auth-code-grant/#part-one
I stumbled through it as I upgrade to PHP 8.2 and upgrade thephpleague/oauth2-server too.
I think the documentation is correct. The redirect_uri is optional. If you don't specify one, the request should still work as it will use a pre-registered redirect URI from when the client was registered with the OAuth server. Is this not happening for you?
I agree @Sephster. In the previous Version \League\OAuth2\Server\Entities\ClientEntityInterface::getRedirectUri was nullable.
Now it's not anymore.