helidon-io / helidon

Java libraries for writing microservices
https://helidon.io
Apache License 2.0

multiple scopes passing via allowed scopes #7976

Open rakukrej opened 10 months ago

rakukrej commented 10 months ago

We are passing 3 scopes to the application via allowed scopes, which are defined separately, but Helidon is unable to process them. In the logs, we are getting "scope is not in allowed list" though we have passed it separately in the application.yaml file. As a workaround, when we passed the 3 scopes with a space, it worked.

Example:

allowedScopes: [ "a","b",] # doesn't work

Passed token with scope [a b]

Error: InvalidTokenException: Scope is not in the allow list. Scope verification failed

Workaround:

allowedScopes: [ "a b","b a","a","b"] # works

Passed token from IDCS with scope [a b]

barchetta commented 10 months ago

Can you please state what version of Helidon you are using and if it is MP or SE?

fssouza commented 9 months ago

This is Helidon MP

rakukrej commented 9 months ago

We are using Helidon MP, passing scopes to the application generated via IDCS. We are passing a token with 2 scopes to the application. In the application.yaml file, we have specified allowed scopes in the pattern "allowedScopes: [ "a","b","c"]". When hitting the application with a bearer token having 2 space-separated scopes, as [a x], we are getting the error "InvalidTokenException: Scope is not in the allow list. Scope verification failed".

As a workaround, when we specified allowed scopes in the application.yaml file as "allowedScopes: [ "a","b","c","a x","x a"]", it works. Ideally, if any of the scopes is present in the bearer token, it should be passed, which is not happening currently. Hence we raised the bug.

romain-grecourt commented 9 months ago

> We are using Helidon MP

And what version of Helidon are you using? BTW, the template for the issue prompts you to specify both flavor and version...

rakukrej commented 9 months ago

Helidon Version: 3.2.2
Helidon MP
JDK version: 17.0.3
OS: Mac OS
Docker version (if applicable): N/A
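The two reports and their workarounds are consistent with the token's scope value being compared against the allow list as one whole string. The following is an added example, not code from this thread or from Helidon: the class and method names are hypothetical, the whole-string comparison is an assumed model of the reported behaviour, and it is contrasted with two per-scope policies over the thread's own values.

```java
import java.util.Arrays;
import java.util.List;
import java.util.Set;
import java.util.stream.Collectors;

// Added illustration; class and method names are hypothetical, not Helidon APIs.
public class ScopeAllowListDemo {

    // RFC 6749 section 3.3: "scope" is a space-delimited list of scope tokens.
    static Set<String> parse(String scopeClaim) {
        if (scopeClaim == null || scopeClaim.isBlank()) {
            return Set.of();
        }
        return Arrays.stream(scopeClaim.trim().split(" +"))
                .collect(Collectors.toSet());
    }

    // Assumed model of the reported behaviour: the raw claim is one opaque string.
    static boolean wholeString(String claim, List<String> allowed) {
        return allowed.contains(claim);
    }

    // What the reporter expects: one allowed scope in the token is enough.
    static boolean anyAllowed(String claim, List<String> allowed) {
        return parse(claim).stream().anyMatch(allowed::contains);
    }

    // Stricter reading of "allow list": every scope in the token must be listed.
    static boolean allAllowed(String claim, List<String> allowed) {
        Set<String> scopes = parse(claim);
        return !scopes.isEmpty() && allowed.containsAll(scopes);
    }

    static void report(String claim, List<String> allowed) {
        System.out.printf("allowed=%s token=[%s] whole=%b any=%b all=%b%n",
                allowed, claim, wholeString(claim, allowed),
                anyAllowed(claim, allowed), allAllowed(claim, allowed));
    }

    public static void main(String[] args) {
        report("a b", List.of("a", "b"));                    // first report
        report("a b", List.of("a b", "b a", "a", "b"));      // first workaround
        report("a x", List.of("a", "b", "c"));               // second report
        report("a x", List.of("a", "b", "c", "a x", "x a")); // second workaround
    }
}
```

For the token [a x] against ["a","b","c"], the any-match and all-match policies disagree, so whichever semantics a fix adopts should be stated explicitly, since it decides whether a token carrying an unlisted scope is accepted.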