On Thu, Feb 13, 2020 at 10:50 AM Asela Pathberiya <[email protected]> wrote:
> > > On Thu, Feb 13, 2020 at 10:48 AM Sarubi Thillainathan <[email protected]> > wrote: > >> Hi Asela, >> >> Just to be clear, Can we register scope values as regex patterns ? >>> In APIM there is scope white listing capabilities which can be sent any >>> scope value related to the given regex, "device_*" such scope. >>> >> Nope, in IS we don't have this capability. >> The only thing that we enforce is can't have space in the scope name. >> > > There are cases in which application needs to send some random scope to > identify the devices. Can't we handle such cases by default ? > Yes, we can't handle such cases default. I would like to know why those needs to be random? If it is for identifying the device then can't we register those beforehand? > > Thanks, > Asela. > > >> Thanks, >> Sarubi. >> >> On Wed, Feb 12, 2020 at 6:06 PM Asela Pathberiya <[email protected]> wrote: >> >>> >>> >>> On Wed, Feb 12, 2020 at 5:44 PM Sarubi Thillainathan <[email protected]> >>> wrote: >>> >>>> >>>> >>>> >>>> On Wed, Feb 12, 2020 at 5:38 PM Sarubi Thillainathan <[email protected]> >>>> wrote: >>>> >>>>> Hi All, >>>>> >>>>> Currently in IS, whenever a token request comes with a list of scopes >>>>> we'll be showing all the scopes and get the consent from the user >>>>> regardless of that scopes are requested or not in the Identity Server. >>>>> But by going forward with IS 5.10.0, we'll be more descriptive and >>>>> decided to show the display name of the scope and it's the description as >>>>> well when we are getting the consent from the user. Also, if the scope is >>>>> not registered under the OAuth2 scope or OIDC scope in the IS, then we >>>>> decided to skip that particular scope from the consent page also in the >>>>> response as a default behaviour. >>>>> >>>> >>> Just to be clear, Can we register scope values as regex patterns ? >>> In APIM there is scope white listing capabilities which can be sent any >>> scope value related to the given regex, "device_*" such scope. >>> >>> Thanks, >>> Asela. >>> >>> >>>> >>>>> In order to keep the backward compatibility, we'll keep a flag so that >>>>> we can enable it if we want to list the scope which is not registered. >>>>> Note >>>>> that in that case scopes which are not registered will display with the >>>>> provided scope name and scopes which are registered will displayed with >>>>> their corresponding display name and description in the consent page. >>>>> >>>>> Highly appreciate your ideas and suggestion on this. >>>>> >>>>> >>>>> >>>>> >>>>> Thanks, >>>>> Sarubi. >>>>> -- >>>>> *Sarubi Thillainathan* | Software Engineer | WSO2 Inc. >>>>> (m) +94 (0) 76 684 9101 | (e) [email protected],[email protected] >>>>> >>>>> *[image: https://wso2.com/signature] <https://wso2.com/signature>* >>>>> >>>> >>>> >>>> -- >>>> *Sarubi Thillainathan* | Software Engineer | WSO2 Inc. >>>> (m) +94 (0) 76 684 9101 | (e) [email protected],[email protected] >>>> >>>> *[image: https://wso2.com/signature] <https://wso2.com/signature>* >>>> _______________________________________________ >>>> Architecture mailing list >>>> [email protected] >>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>>> >>> >>> >>> -- >>> Thanks & Regards, >>> Asela >>> >>> Mobile : +94 777 625 933 >>> >>> http://soasecurity.org/ >>> http://xacmlinfo.org/ >>> _______________________________________________ >>> Architecture mailing list >>> [email protected] >>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>> >> >> >> -- >> *Sarubi Thillainathan* | Software Engineer | WSO2 Inc. >> (m) +94 (0) 76 684 9101 | (e) [email protected],[email protected] >> >> *[image: https://wso2.com/signature] <https://wso2.com/signature>* >> > > > -- > Thanks & Regards, > Asela > > Mobile : +94 777 625 933 > > http://soasecurity.org/ > http://xacmlinfo.org/ > -- *Sarubi Thillainathan* | Software Engineer | WSO2 Inc. (m) +94 (0) 76 684 9101 | (e) [email protected],[email protected] *[image: https://wso2.com/signature] <https://wso2.com/signature>*
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
