Steps to reproduce:
- Configure client policies in a way, that there is client policy applied for admin console client creation request, which points to the client profile with "secure-redirecturi-enforce-executor"
- Login as admin to the admin console and try to create client. It will fail due the "secure-redirecturi-enforce-executor" . Reason is, that the initial admin console screen for "create client" does not allow to specify things like "redirect URI" . Just the "root URL" of the client.
- In case that redirectUri on the client is not specified, just allow the request to pass (It should be fine as for the OIDC requests, it is needed that redirect URI exists. So the fact that client does not have "redirect_uri" should not be a security concern
- Not strictly needed to address the issue above, but optionally, we can improve this executor by add configuration option to check also other client URIs (not just the redirect URI) if they are "https" . Like web origin, root URL and admin URL.