[
https://issues.apache.org/jira/browse/FEDIZ-203?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16080531#comment-16080531
]
Sergey Beryozkin commented on FEDIZ-203:
----------------------------------------
Hi Jan
I wonder, in FedizSubjjectCreator, should the roles be set only if either the
roles claims is set (already checked) or the roles scope is available - with
your update it is just set, thus the code which checks the claims property (and
roles) becomes redundant. Well, may be the roles should be reported by
default... The other thing is that when the roles are requests via "claims" the
code there assumes the name of the claim is configurable ("roles" is default)...
Let me have a look tomorrow...
> Support "roles" scope
> ---------------------
>
> Key: FEDIZ-203
> URL: https://issues.apache.org/jira/browse/FEDIZ-203
> Project: CXF-Fediz
> Issue Type: New Feature
> Components: OIDC
> Reporter: Jan Bernhardt
> Assignee: Jan Bernhardt
> Fix For: 1.4.1
>
> Attachments: 0001-cxf-FEDIZ-203-Add-roles-scope-support.patch,
> 0001-fediz-FEDIZ-203-Add-roles-scope-support.patch
>
>
> OIDC currently only supports role claims if they are requested as "claims"
> but not via "scope". Goal of this jira issue is to add support for a "roles"
> scope.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
