It's common for OAuth scopes to be namespaced using a colon (e.g. user:profile:name). This makes it easy for documentation to group scopes and opens up the possibility to request multiple scopes at once (e.g. user:*) when creating an application.
Create a scope with a scope ID that contains a colon.
Change the scope_id field to a text field with custom validation. The ID that is used for configuration can still be derived from it by using Drupal's machine name conversion algorithm (converting a colon to an underscore for example). The configuration ID already deviates from the scope ID. Using this conversion method also makes it possible to easily translate external requests into the correct configuration ID to load.
None
None
Scope IDs can now contain a colon.
| Comment | File | Size | Author |
|---|---|---|---|
| #2 | oauth2_server-3174094-2.patch | 2.62 KB | kingdutch |
Comments
Comment #2
kingdutchThe attached patch seems to do the trick. Loading of scopes is already done by scope_id which is a normal string type that allows a semicolon to be in the name. The only place where a semicolon was problematic was in the usage of the scope id in the configuration name which does not allow a semicolon. This is easily remedied by introducing a sanitization method that is seen in the included patch.
If we agree on the addition of semicolons then this patch should be enough.
Comment #5
sanduhrsCommitted to -dev, thanks!