PUBLIC - OAuth2 / OAUTH2-243

ScopeMatcher should be applied before and after ScopeMapper and PrefixHandler

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: Master
    • Fix Version/s: Master
    • Component/s: None
    • Labels:

      Description

      When mapping a scope, in most cases the expected behavior is to also map all other scopes that are implied by it, as calculated by applying a PrefixHandler and ScopeMatcher. Otherwise you will need to map every implied scope manually.

      1. At System Settings > OAuth2 > ScopeMapper, create a new configuration:
        passthrough="false"
        osgi.jaxrs.name="Default"
        mapping="everything.read\=everything.read,global.everything.read"
        
      2. At System Settings > OAuth2 > Bundle PrefixHandlerFactory, create a new configuration:
        osgi.jaxrs.name="Default"
        excluded.scopes="global.everything.read"
        service.properties="osgi.jaxrs.name"
        separator="/"
        include.bundle.symbolic.name="false"
        
      3. Visit the "Scopes" tab of any OAuth2 application, expand "Portal Services", and locate the row(s) with the following scope aliases: "liferay-json-web-services/everything.read", "global.everything.read".

      Expected result: Both scope aliases are shown in the same row with a single checkbox for selection
      Actual result: They are shown in separate rows, each with a checkbox

      Explanation

      By default the portal is configured to use ChunkScopeMatcher, which means scopes like "everything.read.userprofile" are implied by "everything.read". However, when "everything.read" is mapped to a new "global.everything.read", this is no longer implied, although we believe it is expected. The solution is to apply ScopeMatcher twice: before and after mapping+prefixing, in essence flattening the originally implied scopes into the mapped scope.
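
A simplified model of the behaviour described above, as an added example that is not part of the original issue and is not Liferay code. It assumes chunk matching on dot-separated names, that an unmapped scope keeps its own name, and that aliases granting the same internal scopes share a row; the function names and the scope list are constructed for illustration.

```python
# Added example: simplified model of the scope pipeline in this issue, not Liferay code.
from collections import defaultdict

INTERNAL = ["everything.read", "everything.read.userprofile"]  # constructed scope list
MAPPING = {"everything.read": {"everything.read", "global.everything.read"}}  # step 1
EXCLUDED = {"global.everything.read"}  # step 2: excluded.scopes
PREFIX, SEPARATOR = "liferay-json-web-services", "/"  # prefix as shown in step 3


def chunk_implies(granted, wanted):
    """Assumed chunk matching: 'a.b' implies 'a.b' and 'a.b.c', not 'a.bc'."""
    g, w = granted.split("."), wanted.split(".")
    return w[:len(g)] == g


def aliases_of(scope):
    """Map, then prefix. Assumption: an unmapped scope keeps its own name."""
    mapped = MAPPING.get(scope, {scope})
    return {m if m in EXCLUDED else PREFIX + SEPARATOR + m for m in mapped}


def grants(alias, match_before):
    """Internal scopes that selecting `alias` authorizes in this model."""
    # Matcher after mapping+prefixing: compare the alias with every scope's aliases.
    direct = {s for s in INTERNAL
              if any(chunk_implies(alias, a) for a in aliases_of(s))}
    if not match_before:
        return direct
    # Matcher before mapping: flatten everything the source scopes imply.
    return {t for s in direct for t in INTERNAL if chunk_implies(s, t)}


def rows(match_before):
    """Group aliases by grant set: same internal scopes, same row (assumed)."""
    grouped = defaultdict(set)
    for scope in INTERNAL:
        for alias in aliases_of(scope):
            grouped[frozenset(grants(alias, match_before))].add(alias)
    return sorted(sorted(v) for v in grouped.values())


if __name__ == "__main__":
    for flag in (False, True):
        print("matcher before+after" if flag else "matcher after only")
        for row in rows(flag):
            print("  ", row)
```

In this model the mapped alias "global.everything.read" authorizes only "everything.read" when the matcher runs after mapping alone, so a client granted that alias would not get the implied scopes an administrator expects.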
