Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

E6/S1: tag apiEndpoint with SCOPE #35

Closed
jimhw opened this issue Apr 24, 2017 · 5 comments
Closed

E6/S1: tag apiEndpoint with SCOPE #35

jimhw opened this issue Apr 24, 2017 · 5 comments

Comments

@jimhw
Copy link

jimhw commented Apr 24, 2017
edited by altsang

Allow a user to specify the OAuth2 tag within a pipeline's path to match all endpoints URLs

Example:
condition: ["always"]
or by a particular path
condition: ["pathExact", "/protected/resourceA"]
this would trigger the policy.
@jimhw jimhw added this to the Phase 1 milestone Apr 24, 2017
@jimhw jimhw changed the title Authorization server - OAuth2 tag OAuth2 tag Apr 24, 2017
@jimhw jimhw changed the title OAuth2 tag E6/S1: OAuth2 tag Apr 24, 2017
@jimhw jimhw added the ready label Apr 24, 2017
@jimhw
Copy link
Author

jimhw commented Apr 24, 2017

Should be part of #17. Need to verify

@altsang altsang removed the ready label Apr 25, 2017
@jimhw
Copy link
Author

jimhw commented Apr 25, 2017
edited

Depends on RBACL #46

@altsang
Copy link
Contributor

altsang commented May 12, 2017

no longer dependent on #46

@altsang altsang mentioned this issue May 23, 2017
Closed
@altsang
Copy link
Contributor

altsang commented May 23, 2017

per discussion with @DrMegavolt - we will add scopes as a attribute to the endpoint without a tag action as originally specified by Roman, Scopes will need to require the ability to specify granularity to the HTTP VERB level

@altsang
Copy link
Contributor

altsang commented May 23, 2017

in API endpoint - scopes can be defined as shown in example below:

*.dog.com + /v1/api/cart + GET, assign scope STAFF
*.dog.com + /v1/api/catalog + GET, assign scope STAFF
*.dog.com + /v1/api/customer + GET, assign scope STAFF

apiEndpoints
dogEndpoint:
host: .dog.com
path: /v1/api/
scopes: scopes:{{ scope:staff, verbs:{GET}}, { scope:admin,verbs:{ GET, PUT, POST, DELETE}}
- scope:
name: STAFF
verbs: GET
- scope:
name: ADMIN?
verb: [GET, POST, PUT DELETE]

*.dog.com /v1/api/cart + GET, PUT, POST, DELETE, assign scope ADMIN
*.dog.com/v1/api/catalog + GET, PUT, POST, DELETE, assign scope ADMIN
*.dog.com/v1/api/customer + GET, PUT, POST, DELETE, assign scope ADMIN

@altsang altsang changed the title E6/S1: OAuth2 tag E6/S1: tag apiEndpoint with SCOPE May 23, 2017
@altsang altsang added the ready label May 23, 2017
@altsang altsang added in progress and removed ready labels May 23, 2017
DrMegavolt added a commit that referenced this issue May 24, 2017
@DrMegavolt
Feature/egcontext scopes connect #35 (#117)
04098cf 
* egcontext provides apiEndpoint definition

* test scopes are set to egContext
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@jimhw @DrMegavolt @altsang