On Thu, Feb 13, 2020 at 10:48 AM Sarubi Thillainathan <sar...@wso2.com> wrote:
> Hi Asela, > > Just to be clear, Can we register scope values as regex patterns ? >> In APIM there is scope white listing capabilities which can be sent any >> scope value related to the given regex, "device_*" such scope. >> > Nope, in IS we don't have this capability. > The only thing that we enforce is can't have space in the scope name. > There are cases in which application needs to send some random scope to identify the devices. Can't we handle such cases by default ? Thanks, Asela. > Thanks, > Sarubi. > > On Wed, Feb 12, 2020 at 6:06 PM Asela Pathberiya <as...@wso2.com> wrote: > >> >> >> On Wed, Feb 12, 2020 at 5:44 PM Sarubi Thillainathan <sar...@wso2.com> >> wrote: >> >>> >>> >>> >>> On Wed, Feb 12, 2020 at 5:38 PM Sarubi Thillainathan <sar...@wso2.com> >>> wrote: >>> >>>> Hi All, >>>> >>>> Currently in IS, whenever a token request comes with a list of scopes >>>> we'll be showing all the scopes and get the consent from the user >>>> regardless of that scopes are requested or not in the Identity Server. >>>> But by going forward with IS 5.10.0, we'll be more descriptive and >>>> decided to show the display name of the scope and it's the description as >>>> well when we are getting the consent from the user. Also, if the scope is >>>> not registered under the OAuth2 scope or OIDC scope in the IS, then we >>>> decided to skip that particular scope from the consent page also in the >>>> response as a default behaviour. >>>> >>> >> Just to be clear, Can we register scope values as regex patterns ? >> In APIM there is scope white listing capabilities which can be sent any >> scope value related to the given regex, "device_*" such scope. >> >> Thanks, >> Asela. >> >> >>> >>>> In order to keep the backward compatibility, we'll keep a flag so that >>>> we can enable it if we want to list the scope which is not registered. Note >>>> that in that case scopes which are not registered will display with the >>>> provided scope name and scopes which are registered will displayed with >>>> their corresponding display name and description in the consent page. >>>> >>>> Highly appreciate your ideas and suggestion on this. >>>> >>>> >>>> >>>> >>>> Thanks, >>>> Sarubi. >>>> -- >>>> *Sarubi Thillainathan* | Software Engineer | WSO2 Inc. >>>> (m) +94 (0) 76 684 9101 | (e) sar...@wso2.com,stsa...@gmail.com >>>> >>>> *[image: https://wso2.com/signature] <https://wso2.com/signature>* >>>> >>> >>> >>> -- >>> *Sarubi Thillainathan* | Software Engineer | WSO2 Inc. >>> (m) +94 (0) 76 684 9101 | (e) sar...@wso2.com,stsa...@gmail.com >>> >>> *[image: https://wso2.com/signature] <https://wso2.com/signature>* >>> _______________________________________________ >>> Architecture mailing list >>> Architecture@wso2.org >>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>> >> >> >> -- >> Thanks & Regards, >> Asela >> >> Mobile : +94 777 625 933 >> >> http://soasecurity.org/ >> http://xacmlinfo.org/ >> _______________________________________________ >> Architecture mailing list >> Architecture@wso2.org >> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >> > > > -- > *Sarubi Thillainathan* | Software Engineer | WSO2 Inc. > (m) +94 (0) 76 684 9101 | (e) sar...@wso2.com,stsa...@gmail.com > > *[image: https://wso2.com/signature] <https://wso2.com/signature>* > -- Thanks & Regards, Asela Mobile : +94 777 625 933 http://soasecurity.org/ http://xacmlinfo.org/
_______________________________________________ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture