ncsa / oa4mp

Open Authorization for MyProxy
https://oa4mp.org/
Other
8 stars 10 forks source link

Change client default scope loading #103

Closed jjg-123 closed 1 year ago

jjg-123 commented 1 year ago

Currently the default is to load every scope for a client, then remove what is explicitly denied. This was done originally to make deploying the client (intended as a very simple sample) a snap. Evolution has made the client central to any number of operations such as proxying and this is now counter-intuitive and annoying.

The expected behavior is that only listing a scope explicitly adds it to the client's request list. Optionally it may be disabled (mostly so you don't have to go to the trouble of removing it from the configuration for, say, debugging purposes).