Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Combining OpenId and OfflineAccess scope #16220

Open
wants to merge 1 commit into
base: contrib
Choose a base branch
from
Open

Combining OpenId and OfflineAccess scope #16220

wants to merge 1 commit into from
+9 −1

Conversation

mcl-sz
Copy link
Contributor

@mcl-sz mcl-sz commented May 6, 2024

When the client scope is set to "openid offline_access", the returned scope only has the "offline_access" scope. The "openid" scope and the "id_token" are missing. By combining the OpenId and OfflineAccess as return scope, the refresh_token and id_token are returned.

Prerequisites

  • I have added steps to test this contribution in the description below

If there's an existing issue for this PR then this fixes

Description

This change checks if the OpenId and/or OfflineAccess scope is set and combines them.
To test I've used the Client app of this repro from Jeroen Breuer: https://github.com/jbreuer/UmbracoDeliveryApiAuthDemo

Change https://github.com/jbreuer/UmbracoDeliveryApiAuthDemo/blob/a799b307302f7189d7ddd69b9554ae2b24612eb4/src/Client/src/App.js#L22 to const scope = 'openid offline_access';

Copy the "OpenIdConnect" section in the appsettings.json to your own installation.

The token result looks like this:

afbeelding
Note that the id_token is missing and the scope is set to "offline_access" only.

After applying this PR, te result looks like this:

afbeelding

@mcl-sz
Combining OpenId and OfflineAccess scope
eb31445 
When the client scope is set to "openid offline_access", the returned scope only has the "offline_access" scope. The "openid" scope and the "id_token" are missing. By combining the OpenId and OfflineAccess as return scope, the refresh_token and id_token are returned.
@github-actions GitHub Actions
Copy link

github-actions bot commented May 6, 2024
edited by georgebid

Hi there @mcl-sz, thank you for this contribution! 👍

While we wait for one of the Core Collaborators team to have a look at your work, we wanted to let you know about that we have a checklist for some of the things we will consider during review:

  • It's clear what problem this is solving, there's a connected issue or a description of what the changes do and how to test them
  • The automated tests all pass (see "Checks" tab on this PR)
  • The level of security for this contribution is the same or improved
  • The level of performance for this contribution is the same or improved
  • Avoids creating breaking changes; note that behavioral changes might also be perceived as breaking
  • If this is a new feature, Umbraco HQ provided guidance on the implementation beforehand
  • 💡 The contribution looks original and the contributor is presumably allowed to share it

Don't worry if you got something wrong. We like to think of a pull request as the start of a conversation, we're happy to provide guidance on improving your contribution.

If you realize that you might want to make some changes then you can do that by adding new commits to the branch you created for this work and pushing new commits. They should then automatically show up as updates to this pull request.

Thanks, from your friendly Umbraco GitHub bot 🤖 🙂

@mcl-sz mcl-sz mentioned this pull request May 6, 2024
Open
@georgebid
Copy link
Contributor

Hey @mcl-sz, thanks a lot for your PR. Someone on the Core Collaborators team will review this soon 😄

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@mcl-sz @georgebid