Tools

AuRA: Auth. Request Analyser

Tools

Custom and flexible OAuth/OIDC SP and IdP implementations

Post

Insufficient Redirect URI validation: The risk of allowing to dynamically add arbitrary query parameters and fragments to the redirect_uri