search

ForkbombEu / DIDroom_microservices

DIDroom credential issuer part of Forkbomb's SSI solution
1 stars 0 forks source link

scopes_supported in the authorization server wk is not used #136

Open matteo-cristino opened 3 months ago

matteo-cristino commented 3 months ago

As you can see in https://github.com/ForkbombEu/DIDroom_microservices/pull/135 I added placeholder for some mutable informations, but during tests I never substitute the scopes_supported placeholder and test works fine.

Is it correct that this field is not used during all the flow?

puria commented 3 months ago

who knows 🤔

matteo-cristino commented 3 months ago

Looking at this seems that the scopes_supported is only reccomended and that the user can request a specific scope in the authorization and/or token call.

We are not using it since in our case the user specify the credential he/she want to obtain in the /par call with

{
  "authorization_details": [
    {
      "credential_configuration_id": "discount_from_voucher",
      "locations": [
        "https://issuer1.zenswarm.forkbomb.eu/credential_issuer"
      ],
     "type": "openid_credential"
    }
  ],
  "everything": "else"
}

And in the next calls this is retrieved internally from the authorization server cache.