simple_oauth_redirect_uri_wildcard
Security covered
Extends the Simple OAuth module to allow for subdomain wildcards in redirect URIs.
WARNING: Use of this module violates Section 3.1.2 of RFC-6749 (OAuth 2.0 Specification) which requires the use of absolute redirect URIs!
However there are valid practical reasons to use a wildcard in a subdomain (e.g. Vercel and other hosting platforms are generating unique subdomains for each git commit).
Additionally big auth providers, such as Auth0 and Okta also provide this functionality.
Ultimately it comes down to your responsibility as the developer to carefully govern the use of wildcards in redirect URIs to not introduce security risks!