Baseline has "shall require the
redirect_uri parameter in authorization requests and evaluate only this parameter to ensure authenticity and integrity of the redirect URI"
What does "evaluate only this parameter to ensure authenticity and integrity" mean? I don't know and don't know how I'd do it. I'm guessing this text is somehow related to wanting to allow non-static redirect URIs to be sent in authenticated PAR. But I can't tell what it actually means or how one would conform to this (other than requiring the redirect_uri parameter).