From e26dd96631022974223f0f4fba48dc95e036d63d Mon Sep 17 00:00:00 2001
From: jwijenbergh <jeroenwijenbergh@protonmail.com>
Date: Thu, 13 Oct 2022 15:40:09 +0200
Subject: OAuth: Add a TODO note about ISS

---
 internal/oauth/oauth.go | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/internal/oauth/oauth.go b/internal/oauth/oauth.go
index 6fd7481..c4e3672 100644
--- a/internal/oauth/oauth.go
+++ b/internal/oauth/oauth.go
@@ -289,6 +289,11 @@ func writeResponseHTML(w http.ResponseWriter, title string, message string) erro
 //// The callback to retrieve the authorization code: https://datatracker.ietf.org/doc/html/draft-ietf-oauth-v2-1-04#section-1.3.1
 func (oauth *OAuth) Callback(w http.ResponseWriter, req *http.Request) {
 	errorMessage := "failed callback to retrieve the authorization code"
+
+	// TODO: Support iss when servers have properly implemented it
+	// See: https://todo.sr.ht/~eduvpn/server/91
+	// And (rfc): https://www.rfc-editor.org/rfc/rfc9207.html
+
 	// Extract the authorization code
 	code, success := req.URL.Query()["code"]
 	// Shutdown after we're done
-- 
cgit v1.2.3