Uploaded image for project: 'Identity Gateway'
  1. Identity Gateway
  2. OPENIG-1854

Scope syntax must be respected

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 5.5.0
    • Fix Version/s: 5.5.0
    • Component/s: OAuth 2.0
    • Labels:
      None
    • Sprint:
      OpenIG Sprint 112, OpenIG Sprint 113

      Description

      According to OAuth2 RFC 6739-https://tools.ietf.org/html/rfc6749
      the scopes are defined this way:

      A.4. "scope" Syntax

      The "scope" element is defined in Section 3.3:

      scope = scope-token *( SP scope-token )
      scope-token = 1*NQCHAR

      with

      NQCHAR = %x21 / %x23-5B / %x5D-7E

      This is the hexa representation of the allowed characters, see http://ascii.cl/

      Meaning ", /, ... are not allowed.

      Expected Apply this rule to the scope edition + add UT.

        Attachments

          Issue Links

          relates to

          Bug - A problem which impairs or prevents the functions of the product. OPENIG-1957 Dynamic client registration must support scope attribute

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed

            Activity

              People

              • Assignee:
                violette Violette Roche Montane
                Reporter:
                violette Violette Roche Montane
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: