Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support different formats of scopes #1263

Closed
satran opened this issue Jan 17, 2019 · 12 comments
Closed

Support different formats of scopes #1263

satran opened this issue Jan 17, 2019 · 12 comments
Labels
feat New feature or request.
Milestone

Comments

@satran
Copy link

satran commented Jan 17, 2019

Is your feature request related to a problem? Please describe.
Hydra splits checking of scopes on .. It makes the assumption that scopes are dot separated. We have a use case where the scope needs to contain a :. A example of the scope is payments:xyz. I would like to create a client that has all scopes under payments. If it were dot separated I can create a client with scopes payments.*. I cannot do that with the :. I cannot create a client which has an allowed scope payments:*.

Describe the solution you'd like
I would like the ability to create a client with scopes separated by :. It would be good to be able to set a regular expression based scope strategy.

@aeneasr
Copy link
Member

aeneasr commented Jan 23, 2019

Sorry for the late reply. Generally that's a possibility - one thing to keep in mind with : is that they are special characters in URLs and have to be encoded properly. Is there a specific reason why you want that delimiter instead of the more common . notation?

@satran
Copy link
Author

satran commented Jan 25, 2019

No worries.
If it were up to me I wouldn’t want to have :. But we are supporting PSD2, Berlin Group standard and they have a requirement of using scopes separated by :.

@aeneasr aeneasr added the feat New feature or request. label Apr 27, 2019
@aeneasr aeneasr added this to the unplanned milestone Apr 27, 2019
@jbman
Copy link

jbman commented Sep 30, 2019

We also have (legacy) scope identifiers with : and would like to grant a scope like service:* to clients. Regular expression may not be needed, it would be enough to have a configuration for the list of separator characters. Character . could still be the default.

@aeneasr
Copy link
Member

aeneasr commented Sep 30, 2019

We're open to accepting a PR. This should be done both in fosite (as a scope strategy) and hydra (as a configuration value). If you are looking to do a PR please discuss the changes beforehand as it will save some time :)

@elchtestAtBosch
Copy link

Looks like a nice task to start with Go :)

@elch78
Copy link

elch78 commented Nov 29, 2019

The fix would just be to add the delimiter as a parameter to the wildcard strategy?
Probably also for the hierarchical strategy? Or is that one deprecated and will be removed?

@aeneasr
Copy link
Member

aeneasr commented Nov 29, 2019

yep exactly! I think we can add it to wildcard and hierarchical!

@vinckr
Copy link
Member

vinckr commented Aug 31, 2020

@tacurran is this a feature that would make sense implementing?
Are you still open for contributing on this @elchtestAtBosch or @elch78 ?

@elch78
Copy link

elch78 commented Nov 17, 2020

Sorry, I don't have time at the moment.

@aeneasr
Copy link
Member

aeneasr commented Jan 12, 2021

Closing due to lack of public interest.

@aeneasr aeneasr closed this as completed Jan 12, 2021
@sidharthramesh
Copy link

Hey, @aeneasr would you mind reopening this?
There are other situations where the scope does not have "." as the delimiter.
We're dealing with a situation where scopes are using wildcards with "/" as a delimiter. Eg: "user/.rs", "practitioner/Patient."

I could help look into it. Would this involve changes in Fosite? - https://github.com/ory/fosite/blob/master/scope_strategy.go#L69

@kotyara85
Copy link

@sidharthramesh agree, that would be great. we have permissions with : and it's a pain converting them back and forth

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
feat New feature or request.
Projects
None yet
Development

No branches or pull requests

8 participants