mservicetech / openapi-schema-validation

Apache License 2.0

Feature: Validate OAuth scopes #52

Closed david0 closed 3 months ago

david0 commented 4 months ago

In our schemas we use scopes:

paths:
  /users/:
      security:
        - OAuth2: [read_users]     # <------

It would be great if this library could also verify this part of the spec if the current user's scopes are handed over.

If that's too much, maybe an API could be provided to get the matched current Path object from the schema to add additional validation?

stevehu commented 4 months ago

The verification of the scope should be part of the security token verification. Although it depends on the specification, it is not a simple schema validation against the spec. It is beyond the scope of this library. For more information on the scope verification, you can refer to the light-4j security

david0 commented 3 months ago

I see that it's beyond what this library is doing, hence I'll close the ticket.

Still, I think it would make sense to add some ability to do more custom validations by returning the matched path object.
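
The kind of custom check discussed in this thread, as an added example that is not code from this library or from light-4j: it matches a request to its operation in a parsed spec and evaluates the OpenAPI `security` requirement against the scopes carried by an already verified token. The function names, the `granted` mapping, the `get` operation, the root-level default and the `ApiKey` scheme are assumptions made for the example.

```python
import re

# Constructed sample: parsed form of a spec like the one in the issue, with an
# assumed `get` operation, an assumed root-level default and an assumed ApiKey scheme.
SPEC = {
    "security": [{"OAuth2": ["admin"]}],
    "paths": {
        "/users/": {"get": {"security": [{"OAuth2": ["read_users"]}]}},
        "/users/{id}": {
            "get": {},  # no own `security`: inherits the root-level list
            "delete": {"security": [{"OAuth2": ["write_users"]}, {"ApiKey": []}]},
        },
        "/health": {"get": {"security": []}},  # explicitly open
    },
}


def match_operation(spec, method, path):
    """Return the operation object for a concrete request path, or None."""
    for template, item in spec.get("paths", {}).items():
        # Turn "/users/{id}" into a regex where each {param} is one path segment.
        pattern = "".join(
            "[^/]+" if part.startswith("{") else re.escape(part)
            for part in re.split(r"(\{[^}]+\})", template))
        if re.fullmatch(pattern, path) and method.lower() in item:
            return item[method.lower()]
    return None


def is_authorized(spec, method, path, granted):
    """granted maps each satisfied scheme name to the set of scopes it carries."""
    op = match_operation(spec, method, path)
    if op is None:
        return False  # unknown route: fail closed
    # Operation-level `security` overrides the root-level list, even when empty.
    requirements = op["security"] if "security" in op else spec.get("security", [])
    if not requirements:
        return True  # nothing declared: the spec leaves this operation open
    # Alternatives are OR-ed; within one alternative every scheme and scope is required.
    return any(
        all(scheme in granted and set(scopes) <= granted[scheme]
            for scheme, scopes in alternative.items())
        for alternative in requirements)
```

The scopes passed in `granted` must come from a token whose signature, issuer, audience and expiry have already been checked; this function only compares them with what the spec declares.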