Incorrect way of getting scopes from OAuth2 JWT Token #217
Comments
Kieun added a commit to Kieun/restdocs-api-spec that referenced this issue on Jan 3, 2023:
fixes ePages-de#217
This fix does not break current implementation of treating scope claim as List<String>
ozscheyge pushed a commit that referenced this issue on Jan 4, 2023:
fixes #217
This fix does not break current implementation of treating scope claim as List<String>
wodrobina pushed a commit that referenced this issue on Mar 4, 2024:
* Update version number in README
* fix: better management of numbers in OpenApi3Generator (#202) Co-authored-by: Jordan GAZEAU <[email protected]>
* Add project status notice (#209)
* Add project status notice
* Add link to maintenance issue
* Upgrade gradlew to 7.4.2 (#214)
* Fix extracting standard scope claim in OAuth2 JWT (#218) fixes #217 This fix does not break current implementation of treating scope claim as List<String>
* Fix broken security definition reference from security requirement for OAuth2 (#220) Fixes #219
* Make classes in restdocs-api-spec modules visible (#223) Fixes #222
* Polish README.md (#227) (cherry picked from commit 213f9e4)
* docs: update FieldDescriptors example (#232)
* docs: update FieldDescriptors example
* docs: add new symbol for java (cherry picked from commit 26cd0dd)
* feat: add support for contact object (#208)
* feat: add support for contact object Closes #88
* docs: add documentation on how to define contacts (cherry picked from commit 2842c43)
* Tabs to spaces (cherry picked from commit 2f5d1e2)
* Drop usage of TravisCI (#236) GH-235 (cherry picked from commit 0b5d511)
* Add GitHub Actions and Sonar support (#237) GH-235 (cherry picked from commit ac1600f)
* Increase MaxMetaspaceSize (cherry picked from commit 1688a77)
* ci: fix publish script name (cherry picked from commit 47f2173)
* ci: ignore samples for code coverage report (#239) (cherry picked from commit 4893605)
* docs: update readme [skip ci] (#238) GH-235 (cherry picked from commit de0c1ab)
* feat: apply field optional (#244)
* feat: apply field optional
* fix lint (cherry picked from commit 4c735ca)
* Feat : apply optional is nullable (#245)
* feat: apply optional is nullable
* chore: refactoring
* chore: remove needless
* fix deprecated
* fix for test (cherry picked from commit 2900374)
* Feat : Schema reuse through subschema (#246)
* feat : Input a name for the subschema
* feat : Input a name for the subschema
* feat : Make sub schema
* fix: lint
* fix: requested & Suggested (cherry picked from commit 437d7da)
* Fix to get regexp properly from the pattern constraint (#247) (cherry picked from commit c631886)
* Keep supporting 0.16.x train to support Spring Boot 2.7.x and cherry-pick the latest features and fixes.

---------

Co-authored-by: Oliver Zscheyge <[email protected]>
Co-authored-by: Jojo <[email protected]>
Co-authored-by: Jordan GAZEAU <[email protected]>
Co-authored-by: Jan Mewes <[email protected]>
Co-authored-by: Oliver <[email protected]>
Co-authored-by: Johnny Lim <[email protected]>
Co-authored-by: Taeyang Jin (Heli) <[email protected]>
Co-authored-by: Marcos Paulo Belasco de Almeida <[email protected]>
Co-authored-by: Jan Mewes <[email protected]>
Co-authored-by: Xeroman.K <[email protected]>
When getting OAuth2 scopes from a JWT bearer token, the current implementation tries to get `scope` from the JWT payload, and the scope value is considered to be of type `List<String>`. In accordance with Section 4.2 in RFC8693, the scope claim is defined as follows.

Due to this reason, our generated OAS3 output fails to set correct security information.
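
An added example, not code from this project or from the issue author: one way to read the `scope` claim so that both the RFC 8693 form (a single JSON string of space-separated scopes) and the array form described above yield the same list. It assumes Jackson's Kotlin module is on the classpath; the function names and the sample tokens are constructed for illustration.

```kotlin
import com.fasterxml.jackson.module.kotlin.jacksonObjectMapper
import com.fasterxml.jackson.module.kotlin.readValue
import java.io.IOException
import java.util.Base64

// Assumption: jackson-module-kotlin is available. All names below are illustrative.
private val mapper = jacksonObjectMapper()

/** Normalizes a decoded "scope" claim value to a list of scope names. */
fun scopesFromClaim(scope: Any?): List<String> = when (scope) {
    // RFC 8693 section 4.2: one JSON string, scopes separated by spaces.
    is String -> scope.split(' ').filter { it.isNotEmpty() }
    // Array form (the List<String> reading described in the issue), still accepted.
    is List<*> -> scope.filterIsInstance<String>().filter { it.isNotBlank() }
    // Claim absent or of another JSON type: no scopes.
    else -> emptyList()
}

/**
 * Reads the scopes from the payload segment of a compact JWT.
 * The signature is NOT verified: suitable for generating documentation,
 * never for an authorization decision.
 */
fun scopesFromJwt(jwt: String): List<String> {
    val parts = jwt.split('.')
    if (parts.size < 2) return emptyList()
    return try {
        // JWT segments are unpadded base64url; the JDK URL decoder accepts that.
        val json = String(Base64.getUrlDecoder().decode(parts[1]), Charsets.UTF_8)
        scopesFromClaim(mapper.readValue<Map<String, Any?>?>(json)?.get("scope"))
    } catch (e: IllegalArgumentException) {
        emptyList() // payload is not valid base64url
    } catch (e: IOException) {
        emptyList() // payload is not a JSON object
    }
}

fun main() {
    // Constructed sample tokens: header and signature are placeholders.
    val enc = Base64.getUrlEncoder().withoutPadding()
    fun token(payload: String) =
        enc.encodeToString("""{"alg":"RS256"}""".toByteArray()) + "." +
            enc.encodeToString(payload.toByteArray()) + ".placeholder-signature"

    println(scopesFromJwt(token("""{"scope":"orders:read orders:write"}""")))
    println(scopesFromJwt(token("""{"scope":["orders:read","orders:write"]}""")))
    println(scopesFromJwt(token("""{"sub":"alice"}""")))
}
```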