Include Requested Scopes in Webhook Requests

ory / hydra

The most scalable and customizable OpenID Certified™ OpenID Connect and OAuth Provider on the market. Become an OpenID Connect and OAuth2 Provider over night. Broad support for related RFCs. Written in Go, cloud native, headless, API-first. Available as a service on Ory Network and for self-hosters.

https://www.ory.sh/?utm_source=github&utm_medium=banner&utm_campaign=hydra

Apache License 2.0

15.66k stars 1.5k forks source link

Include Requested Scopes in Webhook Requests #3891

Open 3schwartz opened 1 week ago

3schwartz commented 1 week ago

Add requested scopes to the webhook request, allowing the webhook to condition access based on the scopes requested by the user.

Related issue(s)

Fixes https://github.com/ory/hydra/issues/3620, particularly implementing the idea proposed in this comment: https://github.com/ory/hydra/issues/3620#issuecomment-1745442682.

If this PR is accepted, I can provide an update to the documentation.

Checklist

[X] I have read the contributing guidelines.
[X] I have referenced an issue containing the design document if my change introduces a new feature.
[X] I am following the contributing code guidelines.
[X] I have read the security policy.
[X] I confirm that this pull request does not address a security vulnerability. If this pull request addresses a security vulnerability, I confirm that I got the approval (please contact security@ory.sh) from the maintainers to push the changes.
[ ] I have added tests that prove my fix is effective or that my feature works.
[ ] I have added or changed the documentation.

Further Comments

codecov[bot] commented 5 days ago

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 73.29%. Comparing base (e278b40) to head (e830579). Report is 12 commits behind head on master.

Additional details and impacted files

```diff @@ Coverage Diff @@ ## master #3891 +/- ## ======================================= Coverage 73.28% 73.29% ======================================= Files 139 139 Lines 10914 10933 +19 ======================================= + Hits 7998 8013 +15 - Misses 2377 2384 +7 + Partials 539 536 -3 ```

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

🚨 Try these New Features:

Flaky Tests Detection - Detect and resolve failed and flaky tests
JS Bundle Analysis - Avoid shipping oversized bundles

3schwartz commented 14 hours ago

Hi @aeneasr, @hperl, @alnr,

Would any of you have some time to take a look at this? I’d really appreciate your input.