- Notifications
You must be signed in to change notification settings - Fork1k
feat: publish RBAC scopes in OAuth2 metadata endpoints#19942
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.
Already on GitHub?Sign in to your account
Merged
ThomasK33 merged 1 commit intomainfromthomask33/09-24-add_oauth2_external_scope_metadataSep 26, 2025
Merged
feat: publish RBAC scopes in OAuth2 metadata endpoints#19942
ThomasK33 merged 1 commit intomainfromthomask33/09-24-add_oauth2_external_scope_metadataSep 26, 2025
+20 −17
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.Learn more about bidirectional Unicode characters
This was referencedSep 24, 2025
MemberAuthor
ThomasK33 commentedSep 24, 2025 • edited
Loading Uh oh!
There was an error while loading.Please reload this page.
edited
Uh oh!
There was an error while loading.Please reload this page.
d62d594 to57ec770Comparec86d555 tob630882Compare411151c to73e3922Compareb630882 to143c808Compare73e3922 to3f1594cCompare143c808 to93a509eCompare3f1594c todd9a21cCompare93a509e to8707c00Comparedd9a21c to0edbf0cCompare8707c00 to2b7e3a9Compare0edbf0c tobb211faCompare2b7e3a9 to20c22feComparebb211fa toa4a9d57Compare20c22fe to22123c0Comparea4a9d57 toacadd79Compare22123c0 to3eeb008Compareacadd79 tob8267e1Compare3eeb008 to350aacfCompare350aacf to58e600eCompare9e0bf76 tof851f7fCompare58e600e to36b876bComparef851f7f to907f0c3Compare36b876b to55d1084Compare907f0c3 to9e0bf76Compare55d1084 to58e600eCompare9e0bf76 to1c54aa1Comparefb54cae toc6efbe0Compare1c54aa1 to92a39d1Comparec6efbe0 to94ad114CompareEmyrk approved these changesSep 25, 2025
94ad114 to716c772Compare1d1eb15 tofd6e329Compare716c772 to8f4b99bComparejohnstcn approved these changesSep 26, 2025
MemberAuthor
ThomasK33 commentedSep 26, 2025 • edited
Loading Uh oh!
There was an error while loading.Please reload this page.
edited
Uh oh!
There was an error while loading.Please reload this page.
Merge activity
|
Replace empty slice placeholders with rbac.ExternalScopeNames() topublish supported OAuth2 scopes from the curated RBAC scope catalog inboth authorization server and protected resource metadata endpoints.Update tests to verify proper scope exposure instead of empty arrays.
8f4b99b to9de28efCompare05537c1 intomain 52 of 54 checks passed
Uh oh!
There was an error while loading.Please reload this page.
Sign up for freeto subscribe to this conversation on GitHub. Already have an account?Sign in.
Labels
None yet
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Publish supported OAuth2 scopes from RBAC external scope names
This PR updates the OAuth2 metadata endpoints to publish the supported scopes from the RBAC external scope names. Previously, the
ScopesSupportedfield was empty with a TODO to implement a scope system. Now, both the authorization server metadata and protected resource metadata endpoints return the list of scopes fromrbac.ExternalScopeNames().The tests have been updated to verify that the correct scopes are being returned in the metadata responses.