This repository has been archived by the owner on Jun 12, 2021. It is now read-only.

[WiP][ProviderInfoDiscovery] Keep unknown scopes #11

Open: 1 commit, to be merged into base: develop

@peppelinux (Member) commented Sep 7, 2020

This Work in Progress PR is related to this: IdentityPython/oidcendpoint#73

With this PR an RP can request unavailable/unknown scopes, independently of those reported by the provider discovery information.

OidcRP, with this PR, will hold the unknown/unavailable scopes in its authz request.
The behaviour of the Authz Endpoint (OAuth2 or OIDC) would instead be based on the internal policy configured (oidcendpoint's `deny_unknown_scopes`).

This is an ambitious feature, which strives to bring the jwtconnect py stack into a jungle of "pirated" RPs / Clients not caring about the correct use of tokens (for the purposes for which they were released). This PR does not affect OP policies (as this does: IdentityPython/oidcendpoint#85) but only the behaviour of the RP when faced with the provider info response.

@peppelinux peppelinux changed the title [ProviderInfoDiscovery] Keep unknown scopes [WiP][ProviderInfoDiscovery] Keep unknown scopes Sep 7, 2020
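
The split of responsibilities described in the comment above, as an added example that is not code from oidcrp or oidcendpoint: the RP either filters its requested scopes against the discovery document's `scopes_supported` or keeps them all, and the OP decides what to do with unknown ones. The function names, the `keep_unknown` flag, and the drop-silently behaviour when `deny_unknown_scopes` is off are assumptions made for illustration.

```python
# Added illustration; hypothetical helpers, not the oidcrp/oidcendpoint API.

# Constructed provider discovery response (only the field used here).
PROVIDER_INFO = {"scopes_supported": ["openid", "profile", "email"]}


def rp_request_scopes(wanted, provider_info, keep_unknown):
    """Scopes the RP places in its authorization request.

    keep_unknown=False: drop scopes the provider did not advertise.
    keep_unknown=True:  send every wanted scope (behaviour the PR describes).
    Without scopes_supported in the discovery data nothing can be filtered.
    """
    wanted = list(dict.fromkeys(wanted))  # de-duplicate, keep order
    supported = provider_info.get("scopes_supported")
    if keep_unknown or supported is None:
        return wanted
    return [s for s in wanted if s in supported]


class UnknownScope(Exception):
    """Raised by the OP model when policy rejects the request."""


def op_handle_scopes(requested, allowed, deny_unknown_scopes):
    """OP-side policy model: the RP's choice never widens what is granted.

    deny_unknown_scopes=True:  reject the whole request (invalid_scope).
    deny_unknown_scopes=False: assumed here to grant only the allowed subset.
    """
    unknown = [s for s in requested if s not in allowed]
    if unknown and deny_unknown_scopes:
        raise UnknownScope("invalid_scope: " + " ".join(unknown))
    return [s for s in requested if s in allowed]


if __name__ == "__main__":
    asked = ["openid", "custom:read"]  # constructed; custom:read is unknown
    sent = rp_request_scopes(asked, PROVIDER_INFO, keep_unknown=True)
    allowed = set(PROVIDER_INFO["scopes_supported"])
    print("sent by RP:", sent)
    print("granted (lenient OP):", op_handle_scopes(sent, allowed, False))
    try:
        op_handle_scopes(sent, allowed, True)
    except UnknownScope as exc:
        print("strict OP:", exc)
```

Whatever the RP sends, the access actually granted is bounded by the OP's allow-list, which is why the authorization endpoint policy remains the enforcement point.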