TokenIntrospectionSuccessResponse getScope() method should not read json String but json Array

Issue #326 invalid
喔喔 created an issue

hi, I use this maven package to combine spring oauth2 with opaque token,

the spring security oauth2 return json response with scope property as json array, but TokenIntrospectionSuccessResponse getScope() method read this property as string,

    #TokenIntrospectionSuccessResponse.java#lines-385

    public Scope getScope() {

        try {
            return Scope.parse(JSONObjectUtils.getString(params, "scope"));
        } catch (ParseException e) {
            return null;
        }
    }

    #https://github.com/spring-projects/spring-security-oauth/blob/master/spring-security-oauth2/src/main/java/org/springframework/security/oauth2/common/OAuth2AccessToken.java#L73
    #spring return scope as array:
    Set<String> getScope();

Comments (2)

  1. Log in to comment