asp.net-web-api2 OAuth 2.0 in ASP.NET Web API Allowing Redirect URLs Other Than Site Root

Help us to keep this website almost Ad Free! It takes only 10 seconds of your time:
> Step 1: Go view our video on YouTube: EF Core Bulk Extensions
> Step 2: And Like the video. BONUS: You can also share it!

Example

Go to Providers > ApplicationOAuthProvider.cs and edit the ValidateClientRedirectUri function. This was a big gotcha to me, as if you don't do this there'll be a fantastically unhelpful error message. By default, this code will make any callbacks to your site invalid unless they're to the site's root. You likely want to be able to handle the callbacks in a controller, so you'll need to change it to something like this:

public override Task ValidateClientRedirectUri(OAuthValidateClientRedirectUriContext context)
{
      if (context.ClientId == _publicClientId)
      {
            Uri expectedRootUri = new Uri(context.Request.Uri, "/");
            Uri expectedCallbackUri = new Uri(context.Request.Uri, "/callback");

            if (expectedRootUri.AbsoluteUri == context.RedirectUri ||
                  expectedCallbackUri.AbsoluteUri == context.RedirectUri)
            {
                  context.Validated();
            }
      }
      return Task.FromResult<object>(null);
}


Got any asp.net-web-api2 Question?