Incorrect way of getting scopes from OAuth2 JWT Token #217

Closed
Kieun opened this issue Jan 3, 2023 · 0 comments · Fixed by #218

Kieun commented Jan 3, 2023

When getting OAuth2 scopes from a JWT bearer token, the current implementation tries to get the scope from the JWT payload, and the scope value is considered to be of type List<String>.

In accordance with Section 4.2 in RFC8693, the scope claim is defined as follows.

The value of the scope claim is a JSON string containing a space-separated list of scopes associated with the token, in the format described in Section 3.3 of [RFC6749].
Figure 7 illustrates the scope claim within a JWT Claims Set.

 {
   "aud":"https://consumer.example.com",
   "iss":"https://issuer.example.com",
   "exp":1443904177,
   "nbf":1443904077,
   "sub":"dgaf4mvfs75Fci_FL3heQA",
   "scope":"email profile phone address"
 }

For this reason, our generated OAS3 output fails to set the correct security information.
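
Added example, not part of the original issue and not the project's own code: a Python illustration of reading the `scope` claim so that the RFC 8693 string form and the List<String> form mentioned above both yield the same list. The function names and the placeholder-signed sample token are assumptions made for this example.

```python
import base64
import json

# Claims set from Figure 7 of RFC 8693, as quoted in the issue.
RFC_CLAIMS = {
    "aud": "https://consumer.example.com",
    "iss": "https://issuer.example.com",
    "exp": 1443904177,
    "nbf": 1443904077,
    "sub": "dgaf4mvfs75Fci_FL3heQA",
    "scope": "email profile phone address",
}


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def make_sample_token(claims: dict) -> str:
    """Build a constructed compact JWT with a placeholder signature."""
    header = {"alg": "RS256", "typ": "JWT"}
    return ".".join([_b64url(json.dumps(header).encode()),
                     _b64url(json.dumps(claims).encode()),
                     _b64url(b"placeholder-signature")])


def scopes_from_claims(claims: dict) -> list:
    value = claims.get("scope")
    if value is None:
        return []
    if isinstance(value, str):          # RFC 8693 section 4.2 form
        return value.split()
    if isinstance(value, list) and all(isinstance(s, str) for s in value):
        return list(value)              # List<String> form the issue mentions
    raise ValueError("scope claim must be a string or a list of strings")


def scopes_from_bearer(token: str) -> list:
    """Read scopes from a JWT payload. No signature check: suitable for
    generating documentation, not for making authorization decisions."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    payload = parts[1]
    claims = json.loads(base64.urlsafe_b64decode(payload + "=" * (-len(payload) % 4)))
    if not isinstance(claims, dict):
        raise ValueError("JWT payload is not a JSON object")
    return scopes_from_claims(claims)
```
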

Kieun added a commit to Kieun/restdocs-api-spec that referenced this issue Jan 3, 2023
fixes ePages-de#217
This fix does not break the current implementation of treating the scope claim as List<String>
ozscheyge pushed a commit that referenced this issue Jan 4, 2023
fixes #217
This fix does not break the current implementation of treating the scope claim as List<String>
wodrobina pushed a commit that referenced this issue Mar 4, 2024
* Update version number in README

* fix: better management of numbers in OpenApi3Generator (#202)

Co-authored-by: Jordan GAZEAU <[email protected]>

* Add project status notice (#209)

* Add project status notice

* Add link to maintenance issue

* Upgrade gradlew to 7.4.2 (#214)

* Fix extracting standard scope claim in OAuth2 JWT (#218)

fixes #217
This fix does not break the current implementation of treating the scope claim as List<String>

* Fix broken security definition reference from security requirement for OAuth2 (#220)

Fixes #219

* Make classes in restdocs-api-spec modules visible (#223)

Fixes #222

* Polish README.md (#227)

(cherry picked from commit 213f9e4)

* docs: update FieldDescriptors example (#232)

* docs: update FieldDescriptors example

* docs: add new symbol for java

(cherry picked from commit 26cd0dd)

* feat: add support for contact object (#208)

* feat: add support for contact object

Closes #88

* docs: add documentation on how to define contacts

(cherry picked from commit 2842c43)

* Tabs to spaces

(cherry picked from commit 2f5d1e2)

* Drop usage of TravisCI (#236)

GH-235

(cherry picked from commit 0b5d511)

* Add GitHub Actions and Sonar support (#237)

GH-235

(cherry picked from commit ac1600f)

* Increase MaxMetaspaceSize

(cherry picked from commit 1688a77)

* ci: fix publish script name

(cherry picked from commit 47f2173)

* ci: ignore samples for code coverage report (#239)

(cherry picked from commit 4893605)

* docs: update readme [skip ci] (#238)

GH-235

(cherry picked from commit de0c1ab)

* feat: apply field optional (#244)

* feat: apply field optional

* fix lint

(cherry picked from commit 4c735ca)

* Feat : apply optional is nullable (#245)

* feat: apply optional is nullable

* chore: refactoring

* chore: remove needless

* fix deprecated

* fix for test

(cherry picked from commit 2900374)

* Feat : Schema reuse through subschema (#246)

* feat : Input a name for the subschema

* feat : Input a name for the subschema

* feat : Make sub schema

* fix: lint

* fix: requested & Suggested

(cherry picked from commit 437d7da)

* Fix to get regexp properly from the pattern constraint (#247)

(cherry picked from commit c631886)

* Keep supporting 0.16.x train to support Spring Boot 2.7.x and cherry-pick the latest features and fixes.

---------

Co-authored-by: Oliver Zscheyge <[email protected]>
Co-authored-by: Jojo <[email protected]>
Co-authored-by: Jordan GAZEAU <[email protected]>
Co-authored-by: Jan Mewes <[email protected]>
Co-authored-by: Oliver <[email protected]>
Co-authored-by: Johnny Lim <[email protected]>
Co-authored-by: Taeyang Jin (Heli) <[email protected]>
Co-authored-by: Marcos Paulo Belasco de Almeida <[email protected]>
Co-authored-by: Jan Mewes <[email protected]>
Co-authored-by: Xeroman.K <[email protected]>