This PR refines the handling of the scopes property within JWT payloads for both AccessToken and RefreshToken structures, transitioning from an array format ([String]?) to a singular string format (String?). This adjustment ensures our JWT scope representation is in full compliance with the OAuth 2.0 Authorization Framework as outlined in RFC 6749.
RFC 6749 specifies that scopes should be space-delimited within the scope parameter. While this standard directly pertains to OAuth 2.0 request parameters, adopting a consistent representation in JWTs promotes uniformity and simplifies integration with OAuth 2.0 compliant systems. Moreover, it enhances interoperability by ensuring scope representations are universally understood and processed in the same manner, irrespective of their context within requests or tokens.
Key Changes:
The scopes property within AccessToken and RefreshToken JWTs is now a single String?, accommodating a space-separated list of scopes, instead of [String]?.
Adapted JWT encoding and decoding logic to manage scopes as a space-separated string. This includes modifications to serialization methods and adjustments to parsing routines to split the string into individual scopes when necessary.
This change does not affect the OAuth 2.0 request or response formats directly but rather aligns the JWT payload structure with the broader expectations of the OAuth 2.0 framework, facilitating a more standardized approach to scope handling across different components of the authentication and authorization flow.
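One way to handle the space-delimited scopes claim described above, as an added example that is not code from this PR; the function names are hypothetical and the sample scope values are constructed. It validates each element against the RFC 6749 scope-token grammar before joining, and checks a required scope by whole-token match rather than substring search on the raw string.

```swift
import Foundation

// Added illustration; these names are hypothetical, not the project's API.
enum ScopeError: Error { case invalidToken(String) }

// RFC 6749 section 3.3: scope-token = 1*( %x21 / %x23-5B / %x5D-7E )
// (printable ASCII without space, double quote or backslash).
func isValidScopeToken(_ token: String) -> Bool {
    guard !token.isEmpty else { return false }
    return token.unicodeScalars.allSatisfy { scalar in
        let v = scalar.value
        return v == 0x21 || (0x23...0x5B).contains(v) || (0x5D...0x7E).contains(v)
    }
}

// Serialize: join with single spaces, refusing elements that would change
// meaning once joined ("read admin" as one element would become two scopes).
func encodeScopes(_ scopes: [String]) throws -> String? {
    for s in scopes where !isValidScopeToken(s) {
        throw ScopeError.invalidToken(s)
    }
    return scopes.isEmpty ? nil : scopes.joined(separator: " ")
}

// Parse: split on spaces; split() drops the empty pieces that repeated
// spaces would otherwise produce. A missing claim means no scopes.
func decodeScopes(_ claim: String?) -> Set<String> {
    guard let claim = claim else { return [] }
    return Set(claim.split(separator: " ").map(String.init))
}

// Authorize on whole tokens. A substring test on the raw claim would
// accept "admin" for a token that only carries "admin:read".
func hasScope(_ required: String, in claim: String?) -> Bool {
    return decodeScopes(claim).contains(required)
}

// Constructed sample values.
let claim = try encodeScopes(["profile", "admin:read"])
assert(hasScope("admin:read", in: claim))
assert(!hasScope("admin", in: claim))               // exact match only
assert(claim!.contains("admin"))                    // what a substring check would see
assert((try? encodeScopes(["read admin"])) == nil)  // embedded space is rejected
assert(decodeScopes(nil).isEmpty)                   // absent claim grants nothing
```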