invalid_redirect_uri error raised by POST /oauth2/registration doesn't explain which policy was violated

[matrixbot]

This issue was originally created by @Half-Shot at matrix-org/matrix-authentication-service#3036.

It wasn't clear to me that I couldn't set a localhost URL for the registration request URIs because it's forbidden in https://github.com/matrix-org/matrix-authentication-service/blob/07c9989e63048ace17d00c1068b2c456651d0b61/crates/handlers/src/oauth2/registration.rs#L191-L243

The error is super vague though, and could do with some explanation (or at least a log line).

[matrixbot]

This comment was originally posted by @Half-Shot at matrix-org/matrix-authentication-service#3036 (comment).

I'm not actually sure that was the policy that was violated tbh, but still, something is up 🤔

[matrixbot]

This comment was originally posted by @dklimpel at matrix-org/matrix-authentication-service#3036 (comment).

I have the same problem by /authorise. I get always invalid redirect uri and do not know what is wrong.

Even if you have not entered the redircet url you get misleading error messages:

• Browser: "Redirect URI can’t have a fragment"
• Application Log: invalid parameters