refactor: relax specific scope naming requirements #545

Merged
merged 1 commit into from
May 30, 2023

brownoxford
Collaborator

This PR seeks to resolve issue #457 by relaxing the scope-related requirements for conformance via the following changes:

  • Conformance testing no longer requires that OAuth2 providers grant ONLY those scopes requested
  • Conformance testing no longer requires that specific scopes be present in order to pass testing
  • Default behavior assumes that OAuth2 provider includes all scopes granted to a client ID in the JWT token
  • Override behavior allows implementations to provide a list of scopes that client should request via the CLIENT_SCOPE configuration variable.

A brief summary of code changes:

  • All tests for missing_scope have been removed.
  • Tests which require authentication no longer individually specify which scopes should be requested
  • Sample environment configuration now includes CLIENT_SCOPE variable
  • Library function getAccessToken() no longer accepts a scope argument and manages which scopes are requested based on CLIENT_SCOPE environment variable.

If we approve this PR, the following additional work will need to be done:

  • Modify interoperability tests as needed
  • Update documentation and respec as needed

Fixes #457
References #500
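
How the CLIENT_SCOPE override described in this PR can shape a token request, with a report of which scopes the provider actually put in the JWT. This is an added example, not code from the PR or the project: only CLIENT_SCOPE comes from the description above, while the function names, CLIENT_ID, CLIENT_SECRET, the `scope` claim layout and the scope values are assumptions.

```javascript
// Added example. Only CLIENT_SCOPE comes from the PR; other names are hypothetical.

// Build a client-credentials token request body. `scope` is sent only when
// CLIENT_SCOPE is set; otherwise the provider decides what to grant.
function buildTokenRequestBody(env) {
  const body = new URLSearchParams({
    grant_type: 'client_credentials',
    client_id: env.CLIENT_ID,
    client_secret: env.CLIENT_SECRET,
  });
  const scopes = splitScopes(env.CLIENT_SCOPE);
  if (scopes.length) body.set('scope', scopes.join(' '));
  return body.toString();
}

// Split a space-delimited scope string, tolerating unset or padded values.
function splitScopes(value) {
  return typeof value === 'string' ? value.split(/\s+/).filter(Boolean) : [];
}

// Read the scopes from a JWT payload (assumed claim: `scope`, string or array).
// The signature is NOT verified here; this is for reporting, not authorization.
function grantedScopes(token) {
  const parts = token.split('.');
  if (parts.length !== 3) throw new Error('not a compact JWT');
  const b64 = parts[1].replace(/-/g, '+').replace(/_/g, '/');
  const claim = JSON.parse(Buffer.from(b64, 'base64').toString('utf8')).scope;
  return Array.isArray(claim) ? claim : splitScopes(claim);
}

// Relaxed check: extra or missing scopes are reported for least-privilege
// review instead of failing the run.
function scopeReport(env, token) {
  const requested = splitScopes(env.CLIENT_SCOPE);
  const granted = grantedScopes(token);
  return {
    requested,
    granted,
    extra: requested.length ? granted.filter((s) => !requested.includes(s)) : [],
    missing: requested.filter((s) => !granted.includes(s)),
  };
}

// Constructed sample token (fake signature) for running the example offline.
function makeSampleToken(payload) {
  const enc = (o) => Buffer.from(JSON.stringify(o)).toString('base64')
    .replace(/=+$/, '').replace(/\+/g, '-').replace(/\//g, '_');
  return `${enc({ alg: 'RS256', typ: 'JWT' })}.${enc(payload)}.constructed-signature`;
}
```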

@nissimsan
Collaborator

Leaving this for next week and further discussion.

@mkhraisha left a comment
Collaborator

Very happy to see this!

@brownoxford
Collaborator Author

Created #550 and #551 to address scope-related documentation change requirements.

Successfully merging this pull request may close these issues.

OAuth2 Authentication - Make scope a parameter for postman tests