Closed ch4mpy closed 1 year ago
Describe the bug When scope claim (or scp) is used as source for authorities, space separated values are interpreted as a single value. It should not.
scope
scp
Code sample
com: c4-soft: springaddons: security: issuers: - location: ${oauth2-issuer} username-claim: $['https://c4-soft.com/user']['name'] authorities: - path: $.scope prefix: SCOPE_
Expected behavior Each scope entry in the scope claim should be mapped to an individual GrantedAuthority (each prefixed with SCOPE_ in the sample above)
GrantedAuthority
SCOPE_
Describe the bug When
scopeclaim (orscp) is used as source for authorities, space separated values are interpreted as a single value. It should not.Code sample
Expected behavior Each scope entry in the scope claim should be mapped to an individual
GrantedAuthority(each prefixed withSCOPE_in the sample above)