  1. OpenAM
  2. OPENAM-14633

User is not prompted for consent when requesting different scopes to those previously requested and saved

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Not a defect
    • Affects Version/s: 6.5.0
    • Fix Version/s: None
    • Component/s: oauth2
    • Labels:
      None
      Description

      Bug description

      If a resource owner has already consented to saving a set of scopes, then when a different set of scopes is requested, consent is NOT requested.

      How to reproduce the issue

      1. Create OAuth2 Provider
      2. Set description in OAuth2 Provider > Consent > Saved Consent Attribute Name
      3. Add description to Identity Stores > embedded > User Configuration > LDAP User Attributes
      4. Create OAuth2 Client with scopes profile and mail
      5. Use OAuth2 authorize endpoint and request scopes profile and mail (and save the consent)
      6. Use almost the same request except remove one of the scopes

      Expected behaviour

      Consent should be requested for the set of different scopes

      Current behaviour

      Authorization code is provided

      Work around

      None
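
The two requests from steps 5 and 6, replayed against a small model of a saved-consent check (an added example, not OpenAM code and not part of the original report). It assumes saved consent is compared as a set of scopes; the `subset` policy reproduces the reported current behaviour and the `exact` policy the reporter's expected behaviour. The user `demo`, the client ids and the `policy` parameter are hypothetical names.

```python
# Added example: models the saved-consent decision from the ticket's steps.
# Every name here is hypothetical; this is not OpenAM's implementation.


def parse_scope(value):
    """Split an OAuth2 scope parameter (space-delimited, RFC 6749 section 3.3)."""
    return frozenset(value.split())


class SavedConsentStore:
    """Consent saved per (resource owner, client), as set up in steps 1-5."""

    def __init__(self):
        self._saved = {}

    def save(self, user, client_id, scope):
        key = (user, client_id)
        self._saved[key] = self._saved.get(key, frozenset()) | parse_scope(scope)

    def needs_prompt(self, user, client_id, scope, policy="subset"):
        saved = self._saved.get((user, client_id), frozenset())
        requested = parse_scope(scope)
        if policy == "subset":
            # Assumption: a request is covered when every requested scope
            # was already consented to, so removing a scope never prompts.
            return not requested <= saved
        if policy == "exact":
            # The reporter's expectation: any different set prompts again.
            return requested != saved
        raise ValueError(f"unknown policy: {policy}")


def replay_ticket_steps():
    store = SavedConsentStore()
    store.save("demo", "myClient", "profile mail")  # step 5: consent saved
    ask = store.needs_prompt
    return {
        # step 6: same request with one scope removed
        "step6_subset": ask("demo", "myClient", "profile"),
        "step6_exact": ask("demo", "myClient", "profile", policy="exact"),
        # checks a deployment would also want to cover
        "same_reordered": ask("demo", "myClient", "mail profile"),
        "extra_scope": ask("demo", "myClient", "profile mail openid"),
        "other_client": ask("demo", "otherClient", "profile"),
    }


if __name__ == "__main__":
    for name, prompt in replay_ticket_steps().items():
        print(f"{name}: prompt for consent = {prompt}")
```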


              People

              • Assignee:
                Unassigned
                Reporter:
                aaron.haskins Aaron Haskins