WSO2 Open Banking Accelerator is a collection of technologies that increases the speed and reduces the complexity of adopting open banking compliance. Instead of building a solution from scratch, you can use WSO2 Open Banking Accelerator to meet all legislative requirements with additional benefits beyond compliance.
Apache License 2.0
7
stars
21
forks
source link
[OB3] Throwing an error when scope value contains unsupported scopes rather than ignoring those scopes in PAR #16
Description:
When the PAR endpoint is invoked with additional scopes as shown in the example, as per the OpenID standards [1], we should be ignoring those scopes rather than throwing an error.
REQUIRED. OpenID Connect requests MUST contain the openid scope value. If the openid scope value is not present, the behavior is entirely unspecified. Other scope values MAY be present. Scope values used that are not understood by an implementation SHOULD be ignored.
Suggested Labels:
[For non-committers only. Optional comma separated list of suggested labels. Non committers can’t assign labels to
issues, so this will help issue creators who are not a committer to suggest possible labels. Labels can be found
here - https://github.com/wso2/financial-open-banking/labels]
Suggested Assignees:
[For non-committers only. Optional comma separated list of suggested team members who should attend the issue. Non committers can’t assign issues to assignees, so this will help issue creators who are not a committer to suggest possible assignees]
Description: When the PAR endpoint is invoked with additional scopes as shown in the example, as per the OpenID standards [1], we should be ignoring those scopes rather than throwing an error.
"scope": "openid bank:accounts.basic:read bank:accounts.detail:read bank:transactions:read bank:payees:read bank:regular_payments:read common:customer.basic:read common:customer.detail:read email phone"
[1] OpenID Connect Core 1.0
Suggested Labels: [For non-committers only. Optional comma separated list of suggested labels. Non committers can’t assign labels to issues, so this will help issue creators who are not a committer to suggest possible labels. Labels can be found here - https://github.com/wso2/financial-open-banking/labels]
Suggested Assignees: [For non-committers only. Optional comma separated list of suggested team members who should attend the issue. Non committers can’t assign issues to assignees, so this will help issue creators who are not a committer to suggest possible assignees]
Affected Product Version:
OS, DB, other environment details and versions:
Steps to reproduce:
Related Issues: https://github.com/wso2-enterprise/ob-compliance-toolkit-cds/issues/236