diff --git a/extensions/oidc-common/runtime/src/main/java/io/quarkus/oidc/common/runtime/OidcCommonConfig.java b/extensions/oidc-common/runtime/src/main/java/io/quarkus/oidc/common/runtime/OidcCommonConfig.java index 46bbc1d539296..3a67e82d84980 100644 --- a/extensions/oidc-common/runtime/src/main/java/io/quarkus/oidc/common/runtime/OidcCommonConfig.java +++ b/extensions/oidc-common/runtime/src/main/java/io/quarkus/oidc/common/runtime/OidcCommonConfig.java @@ -311,7 +311,7 @@ public static class Jwt { * Additional `scope` added to JWT claims. */ @ConfigItem - public Optional> scope = Optional.empty(); + public Optional> scopes = Optional.empty(); /** * JWT life-span in seconds. It will be added to the time it was issued at to calculate the expiration time. @@ -375,12 +375,12 @@ public void setKeyFile(String keyFile) { this.keyFile = Optional.of(keyFile); } - public Optional> getScope() { - return scope; + public Optional> getScopes() { + return scopes; } - public void setScope(Set scope) { - this.scope = Optional.of(scope); + public void setScopes(Set scopes) { + this.scopes = Optional.of(scopes); } } diff --git a/extensions/oidc-common/runtime/src/main/java/io/quarkus/oidc/common/runtime/OidcCommonUtils.java b/extensions/oidc-common/runtime/src/main/java/io/quarkus/oidc/common/runtime/OidcCommonUtils.java index e1ed23c10d0cb..f6fa3503d243d 100644 --- a/extensions/oidc-common/runtime/src/main/java/io/quarkus/oidc/common/runtime/OidcCommonUtils.java +++ b/extensions/oidc-common/runtime/src/main/java/io/quarkus/oidc/common/runtime/OidcCommonUtils.java @@ -352,10 +352,10 @@ public static String signJwtWithKey(OidcCommonConfig oidcConfig, String tokenReq ? removeLastPathSeparator(oidcConfig.credentials.jwt.getAudience().get()) : tokenRequestUri) .expiresIn(oidcConfig.credentials.jwt.lifespan); - - oidcConfig.credentials.jwt.scope.ifPresent((scope) -> { - claimsBuilder.claim("scope", String.join(",", scope)); - }); + + if (oidcConfig.credentials.jwt.scopes.isPresent()) { + claimsBuilder.claim(OidcConstants.TOKEN_SCOPE, String.join(",", oidcConfig.credentials.jwt.scopes.get())) + } JwtSignatureBuilder builder = claimsBuilder.jws();