docs: followed the installation guide and was unable to get a successful consent

[abusaidm]

Hello,

I followed the installation guide https://ory.gitbooks.io/hydra/content/install.html#perform-oauth-20-flow and was unable to get a successful run.

The issue seems to come from consent app saying Unhandled rejection Error: Bad Request
and
From hydra level=error msg="An error occurred" error="The client is not allowed to request scope hydra.consent: The requested scope is invalid, unknown, or malformed"

i have also noticed different versions in the guide so on my last attempt I used the version v0.10.0-alpha.8 for:

1. hydra migration
2. hydra cli
3. hydra server

I noticed that this gave me an extra migration that was not available in the v0.9.x so I thought this might have been a mistake in the guide.

I will try to diagnose the issue further to see where the complain is from and dig deeper.

Thank you.

[aeneasr]

Hey, I found the error, it's a typo here:

$ hydra clients create --skip-tls-verify \
  --id consent-app \
  --secret consent-secret \
  --name "Consent App Client" \
  --grant-types client_credentials \
  --response-types token \
  --allowed-scopes hydra.consent*

specifically

  --allowed-scopes hydra.consent*

that line should read

  --allowed-scopes hydra.consent

[abusaidm]

Hey,
I got it working thank you.
This turned out to be one part of the problem, the other part is in the the consent app demo https://github.com/ory/hydra-consent-app-express/blob/master/routes/index.js.
I changed the following:
const scope = 'hydra.consent hydra.consent.*'
to
const scope = 'hydra.consent'

and this removed the follwing error:

level=error msg="An error occurred" error="The client is not allowed to request scope hydra.consent.*: The requested scope is invalid, unknown, or malformed"

It seems there are many breaking changes in the new 0.10 and you stated in the change log that I think it warrants a re-write of the installation guide to better explain the concepts.

[aeneasr]

Oh yes absolutely! Would you mind updating that in the consent app as well? Thank you so much for this, you are helping a lot of people!

[abusaidm]

no problem.

I wanted to find out where hydra stores its core scopes as I didn't find them in the database, and if I could pick your brains a little to better understand the system when I have question, I would like to write a documentation detailing this and we could publish it if you wanted.

[aeneasr]

The scopes are stored in this SQL column - and I always welcome docs! :)

[abusaidm]

I mean, how does hydra know about hydra.consent ?

[aeneasr]

They are defined in the http handlers, for example here or here.

[aeneasr]

I hope all your questions are answered and thus closing this issue. If questions remain feel free to come back here.