AuthEndpoint.InvalidRedirect

Does the authorization server automatically redirect the user-agent to the invalid redirection URI

This test checks whether the authorization server automatically redirect the user-agent to the invalid redirection URI.

View source code on GitHub

Documents

This test is part of the following document(s):

• The OAuth 2.0 Authorization Framework (RFC6749), section 3.1.2.4 (must)
• OAuth 2.0 Threat Model and Security Considerations (RFC6819), section 5.2.3.5 (should)
• OAuth 2.0 Security Best Current Practice (draft 25) (SecBCP), section 4.10.2 (must)

Back to the test case overview or the threat overview