AuthEndpoint.RedirectUriPathMatched

Does the authorization server exactly match the hostname and path of the redirect uri

This test checks whether the authorization server exactly matches the hostname and path of the redirect uri.

View source code on GitHub

Documents

This test is part of the following document(s):

• The OAuth 2.0 Authorization Framework (RFC6749), section 3.1.2.2 (should)
• OAuth 2.0 Threat Model and Security Considerations (RFC6819), section 5.2.3.3 (should)
• Financial-grade API Security Profile (FAPI) 1.0 – Part 1: Baseline (FAPI1Base), section 5.2.2 (must)

Back to the test case overview or the threat overview