willemvd

PAR was missing the scopes when giving consent. Making consent authentications distinguish between requested and already authorized scopes.

Fixes gh-2175

@spring-projects-issues added the "status: waiting-for-triage" (An issue we've not yet triaged) label on Aug 31, 2025
@willemvd marked this pull request as ready for review on August 31, 2025 21:27
@jgrandja self-assigned this on Sep 17, 2025
@jgrandja added the "type: bug" (A general bug) label and removed the "status: waiting-for-triage" (An issue we've not yet triaged) label on Sep 17, 2025
@jgrandja added this to the 1.5.3 milestone on Sep 17, 2025
PAR was missing the scopes when giving consent. Making consent authentications distinguish between requested and already authorized scopes.

Fixes spring-projectsgh-2175

Signed-off-by: Willem van Dreumel <willem.vandreumel@edsn.nl>
@willemvd force-pushed the gh-2175-par-scopes-missing-on-consent branch from 43245a5 to 570672c on September 19, 2025 20:17
@jgrandja changed the title from "PAR using requested scopes on consent" to "PAR uses requested scopes on consent" on Oct 17, 2025
jgrandja pushed a commit that referenced this pull request Oct 17, 2025
PAR was missing the requested scopes when giving consent. Making consent authentications distinguish between requested and already authorized scopes.

Closes gh-2182

Signed-off-by: Willem van Dreumel <willem.vandreumel@edsn.nl>
jgrandja added a commit that referenced this pull request Oct 17, 2025
@jgrandja
Collaborator

Thanks for the updates @willemvd. This is now merged.

FYI, I added a polish commit that removes some tests that are not relevant to the fix applied in the PR.

@jgrandja closed this on Oct 17, 2025
jgrandja added a commit to spring-projects/spring-security that referenced this pull request Oct 17, 2025
Labels

type: bug A general bug

Development

Successfully merging this pull request may close these issues.

OAuth2 Pushed Authorization Request does not request scopes when asking for a consent
