IdentityModel / oidc-client-js

OpenID Connect (OIDC) and OAuth2 protocol support for browser-based JavaScript applications
Apache License 2.0

Different scopes for different routes #1178

Closed StarkShang closed 3 years ago

StarkShang commented 4 years ago

How can I verify different scopes for different routes? For example:

  1. for route "/resources/readable", it should verify scope "resource:read"
  2. for route "/resources/writable", it should verify scope "resource:write"

brockallen commented 4 years ago

I don't have any suggestions for you on that.

StarkShang commented 4 years ago

As far as I know, ASP.NET Core has a full-featured authorization system, and I can use the [Authorize] attribute to invoke different authorization policies, which may execute different authentication policies. Maybe this problem has nothing to do with this library, but rather with front-end frameworks like Angular or Vue?

brockallen commented 3 years ago

You would need to look at your server framework to authorize calls based on the claims in the token.
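
The server-side check described in the last reply, as an added example that is not part of the original thread or of oidc-client-js: a route-to-scope table with an exact-match test over the token's `scope` claim, using the two routes from the question. It assumes the server framework has already validated the access token (signature, issuer, audience, expiry) and hands over its claims; `REQUIRED_SCOPE`, `grantedScopes` and `authorizeRoute` are hypothetical names.

```javascript
// Added example (hypothetical names): per-route scope authorization on the API.
// Assumption: `claims` comes from a token the framework has already validated.

// Route -> required scope, taken from the question in this thread.
const REQUIRED_SCOPE = new Map([
  ["/resources/readable", "resource:read"],
  ["/resources/writable", "resource:write"],
]);

// Normalise the "scope" claim. It may arrive as a space-delimited string
// or as a JSON array of strings; any other shape grants nothing.
function grantedScopes(claims) {
  const raw = claims ? claims.scope : undefined;
  if (typeof raw === "string") {
    return new Set(raw.split(" ").filter(Boolean));
  }
  if (Array.isArray(raw)) {
    return new Set(raw.filter((s) => typeof s === "string"));
  }
  return new Set();
}

// Decide whether the caller may use `path`.
// Routes without an entry in REQUIRED_SCOPE are denied by default.
function authorizeRoute(path, claims) {
  const required = REQUIRED_SCOPE.get(path);
  if (required === undefined) {
    return { allowed: false, reason: "no policy for route" };
  }
  // Exact set membership: a substring test such as
  // scopeString.includes("resource:read") would also accept
  // look-alike scopes like "resource:readonly-preview".
  if (grantedScopes(claims).has(required)) {
    return { allowed: true, reason: "ok" };
  }
  return { allowed: false, reason: "missing scope " + required };
}

// Constructed sample claims, for illustration only.
const readOnly = { sub: "alice", scope: "openid resource:read" };
const arrayForm = { sub: "bob", scope: ["openid", "resource:write"] };
const lookalike = { sub: "eve", scope: "openid resource:readonly-preview" };
```

Hiding a route in the Angular or Vue client based on the same scopes is only a usability measure; the decision that counts is the one the API makes on each request.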