feat: add scopes validator for logical evalulation

ory / oathkeeper

A cloud native Identity & Access Proxy / API (IAP) and Access Control Decision API that authenticates, authorizes, and mutates incoming HTTP(s) requests. Inspired by the BeyondCorp / Zero Trust white paper. Written in Go.

https://www.ory.sh/?utm_source=github&utm_medium=banner&utm_campaign=hydra

Apache License 2.0

3.2k stars 349 forks source link

feat: add scopes validator for logical evalulation #1143

Open JarekKa opened 7 months ago

JarekKa commented 7 months ago

This feature introduces logical "OR" in the scope validation. Any match would suffice here. Example below. Details in issue.

Example of a match: "required_scope": ["scope1", "scope2"] token scopes: "scope1"

Related issue(s)

https://github.com/ory/oathkeeper/issues/1129

Checklist

[x] I have read the contributing guidelines.
[x] I have referenced an issue containing the design document if my change introduces a new feature.
[x] I am following the contributing code guidelines.
[x] I have read the security policy.
[x] I confirm that this pull request does not address a security vulnerability. If this pull request addresses a security vulnerability, I confirm that I got the approval (please contact security@ory.sh) from the maintainers to push the changes.
[x] I have added tests that prove my fix is effective or that my feature works.
[x] I have added or changed the documentation.

Further Comments

Corresponding docs PR: https://github.com/ory/docs/pull/1608

CLAassistant commented 7 months ago

All committers have signed the CLA.

codecov[bot] commented 7 months ago

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Comparison is base (b5d4d88) 78.16% compared to head (de27dca) 77.72%. Report is 1 commits behind head on master.

:exclamation: Current head de27dca differs from pull request most recent head c096e04. Consider uploading reports for the commit c096e04 to get more accurate results

Additional details and impacted files

```diff @@ Coverage Diff @@ ## master #1143 +/- ## ========================================== - Coverage 78.16% 77.72% -0.45% ========================================== Files 80 80 Lines 3898 4036 +138 ========================================== + Hits 3047 3137 +90 - Misses 576 618 +42 - Partials 275 281 +6 ```

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

JarekKa commented 7 months ago

I couldn't reproduce linter check issues locally. Dockers issues seem to pop up in other PR too. https://github.com/ory/oathkeeper/pull/1138/checks For now I don't want to bloat PR with dependency bumps.