(syncope) branch 4_1_X updated: [SYNCOPE-1964] Add new OIDC scopes to the default set (#1357)

Fri, 24 Apr 2026 05:28:15 -0700 

This is an automated email from the ASF dual-hosted git repository.

ilgrosso pushed a commit to branch 4_1_X
in repository https://gitbox.apache.org/repos/asf/syncope.git


The following commit(s) were added to refs/heads/4_1_X by this push:
     new 607dde761a [SYNCOPE-1964] Add new OIDC scopes to the default set 
(#1357)
607dde761a is described below

commit 607dde761a35926686287a57141cbe920ab10c95
Author: mdisabatino <[email protected]>
AuthorDate: Fri Apr 24 14:26:27 2026 +0200

    [SYNCOPE-1964] Add new OIDC scopes to the default set (#1357)
---
 .../java/org/apache/syncope/common/lib/OIDCStandardScope.java    | 5 ++++-
 .../syncope/wa/bootstrap/mapping/DefaultAttrReleaseMapper.java   | 9 +++++++++
 2 files changed, 13 insertions(+), 1 deletion(-)

diff --git 
a/common/am/lib/src/main/java/org/apache/syncope/common/lib/OIDCStandardScope.java
 
b/common/am/lib/src/main/java/org/apache/syncope/common/lib/OIDCStandardScope.java
index 57aa9dda27..4464173a22 100644
--- 
a/common/am/lib/src/main/java/org/apache/syncope/common/lib/OIDCStandardScope.java
+++ 
b/common/am/lib/src/main/java/org/apache/syncope/common/lib/OIDCStandardScope.java
@@ -24,6 +24,9 @@ public enum OIDCStandardScope {
     address,
     email,
     profile,
-    phone;
+    phone,
+    offline_access,
+    device_sso,
+    assurance;
 
 }
diff --git 
a/wa/bootstrap/src/main/java/org/apache/syncope/wa/bootstrap/mapping/DefaultAttrReleaseMapper.java
 
b/wa/bootstrap/src/main/java/org/apache/syncope/wa/bootstrap/mapping/DefaultAttrReleaseMapper.java
index f7fc7325b6..de0cb69eab 100644
--- 
a/wa/bootstrap/src/main/java/org/apache/syncope/wa/bootstrap/mapping/DefaultAttrReleaseMapper.java
+++ 
b/wa/bootstrap/src/main/java/org/apache/syncope/wa/bootstrap/mapping/DefaultAttrReleaseMapper.java
@@ -38,6 +38,7 @@ import 
org.apereo.cas.configuration.model.core.authentication.PrincipalAttribute
 import org.apereo.cas.configuration.support.TriStateBoolean;
 import org.apereo.cas.oidc.claims.BaseOidcScopeAttributeReleasePolicy;
 import org.apereo.cas.oidc.claims.OidcAddressScopeAttributeReleasePolicy;
+import org.apereo.cas.oidc.claims.OidcAssuranceScopeAttributeReleasePolicy;
 import org.apereo.cas.oidc.claims.OidcCustomScopeAttributeReleasePolicy;
 import org.apereo.cas.oidc.claims.OidcEmailScopeAttributeReleasePolicy;
 import org.apereo.cas.oidc.claims.OidcPhoneScopeAttributeReleasePolicy;
@@ -252,6 +253,14 @@ public class DefaultAttrReleaseMapper implements 
AttrReleaseMapper {
                         OIDCStandardScope.phone,
                         internal,
                         external.toString());
+            } else if 
(OidcAssuranceScopeAttributeReleasePolicy.ALLOWED_CLAIMS.contains(external.toString()))
 {
+                buildForOIDCStandardScope(
+                        clientApp,
+                        policies,
+                        OidcAssuranceScopeAttributeReleasePolicy::new,
+                        OIDCStandardScope.assurance,
+                        internal,
+                        external.toString());
             } else {
                 oidcOpEntity.getCustomScopes().entrySet().stream().
                         filter(entry -> 
clientApp.getScopes().contains(entry.getKey())

Reply via email to