oauth3.js ========= Public utilities for browser and node.js: * `querystringify(query)` * `stringifyscope(scope)` URL generation: * `authorizationCode` * `authorizationRedirect` * `implicitGrant` * `loginCode` * `resourceOwnerPassword` URI vs URL ---------- See Since we do not require the `protocol` to be specified, it is a URI However, we do have a problem of disambiguation since a URI may look like a `path`: 1. https://example.com/api/org.oauth3.provider 2. example.com/api/org.oauth.provider/ (not unique) 3. /api/org.oauth3.provider 4. api/org.oauth3.provider (not unique) Therefore anywhere a URI or a Path could be used, the URI must be a URL. We eliminate #2. As a general rule I don't like rules that sometimes apply and sometimes don't, so I may need to rethink this. However, there are cases where including the protocol can be very ugly and confusing and we definitely need to allow relative paths. A potential work-around would be to assume all paths are relative (elimitate #4 instead) and have the path always key off of the base URL - if oauth3 directives are to be found at https://example.com/username/.well-known/oauth3/directives.json then /api/whatever would refer to https://example.com/username/api/whatever.