You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@cxf.apache.org by "Sergey Beryozkin (JIRA)" <ji...@apache.org> on 2017/07/10 15:48:00 UTC

[jira] [Commented] (FEDIZ-203) Support "roles" scope

    [ https://issues.apache.org/jira/browse/FEDIZ-203?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16080531#comment-16080531 ] 

Sergey Beryozkin commented on FEDIZ-203:
----------------------------------------

Hi Jan

I wonder, in FedizSubjjectCreator, should the roles be set only if either the roles claims is set (already checked) or the roles scope is available - with your update it is just set, thus the code which checks the claims property (and roles) becomes redundant. Well, may be the roles should be reported by default... The other thing is that when the roles are requests via "claims" the code there assumes the name of the claim is configurable ("roles" is default)...
Let me have a look tomorrow... 

> Support "roles" scope
> ---------------------
>
>                 Key: FEDIZ-203
>                 URL: https://issues.apache.org/jira/browse/FEDIZ-203
>             Project: CXF-Fediz
>          Issue Type: New Feature
>          Components: OIDC
>            Reporter: Jan Bernhardt
>            Assignee: Jan Bernhardt
>             Fix For: 1.4.1
>
>         Attachments: 0001-cxf-FEDIZ-203-Add-roles-scope-support.patch, 0001-fediz-FEDIZ-203-Add-roles-scope-support.patch
>
>
> OIDC currently only supports role claims if they are requested as "claims" but not via "scope". Goal of this jira issue is to add support for a "roles" scope.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)