Add API endpoints for OAuth applications
Due to security concerns, it wouldn't be safe to allow wildcards for OAuth application redirects. Instead, we propose to add API endpoints to manage OAuth applications. This will allow automated systems to add/update OAuth applications with the appropriate redirect URI on the fly.
Problem to solve
Gitlab OAuth provider can only have fixed
redirect uri parameters.
I'm using gitlab as a OAuth provider for my app, but I can't redirect a user to the page they are coming from. I can only redirect them to a static site which I have to set as the redirect uri in my created application.
Add wildcards to
redirect_uri somewhere around here https://gitlab.com/gitlab-org/gitlab-ce/blob/master/config/initializers/doorkeeper.rb#L105
What does success look like, and how can we measure that?
Can users set wildcards in redirect uris and do they work.