- changed component to Grant Management
resource and scopes in grant management
In a private conversion @Filip Skokan raised the topic of the representation of resource indicators in combination with scope values in a grant.
If a grant is created with a resource A and a scope X, the model currently defined in the spec (resource and scope are kept separate) works.
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Content-Type: application/json{
"scope": "X"
}
However, when the grant is updated with another resource B and scope Y, it breaks
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Content-Type: application/json{
“resources”:[”A”,”B”],
"scope": "X Y"
}
since the user did not consent the combinations resource A/scope Y and resource B/scope X as suggested by the representation.
I feel like we should represent resource/scope combinations as requested and confirmed in the respective authorization requests.
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Content-Type: application/json{
"resource_requests":[
{
"resources":["A"],
"scope":"X"
},
{
"resources":["B"],
"scope":"Y"
}]
}
Comments (4)
-
-
- changed status to open
It is going to be worked on by members in the next few weeks.
-
reporter I suggest to close this ticket as duplicate of
#374. -
- changed status to resolved
duplicate
- Log in to comment