Skip to content

Fix Auth Consent scopes issue #4733

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Oct 15, 2018
Merged

Fix Auth Consent scopes issue #4733

merged 4 commits into from
Oct 15, 2018

Conversation

@impactmass
Copy link
Contributor

@impactmass impactmass commented Oct 13, 2018
edited
Loading

Impact: major
Type: bugfix

Issues

  • HYDRA_SESSION_LIFESPAN env value should be a Number (else it will be ignored). Setting via ENV passes a string, so it should be converted.
  • The granted scopes during user consent flow are not correctly passed back to Hydra. This can be seen when openid scope is added at the beginning of the auth flow by the consumer app, and there is no issuance of an id_token on completion of the auth. This was also preventing refresh-tokens from being granted (seen while fixing Enable access token refreshing example-storefront#350)

Solution

  • HYDRA_SESSION_LIFESPAN: If the env is passed in, convert it to Number before using.
  • Scopes: Make getConsent call to retrieve the list of the client-requested scope, and pass them when granting the consent in the acceptConsentRequest call.

Testing

  1. You need to have Starterkit (develop branch), Hydra (master) and Reaction services running
  2. First, without using this branch (use rc-5) , see that refresh_token is not issued after logging in. You can add a console.log in the strategy callback
  3. Switch your Reaction service to run on this branch, perform the login flow again, and confirm that you see id_token and refresh_tokens in your log.

@impactmass impactmass changed the title WIP - Fix issues with Auth Consent scopes WIP - Fix Auth Consent scopes issue Oct 13, 2018
@impactmass impactmass mentioned this pull request Oct 15, 2018
Merged
@impactmass impactmass changed the title WIP - Fix Auth Consent scopes issue Fix Auth Consent scopes issue Oct 15, 2018
@impactmass impactmass requested a review from rosshadden October 15, 2018 16:32
@impactmass impactmass added this to the Oxford milestone Oct 15, 2018
@rosshadden rosshadden merged commit aaa6a06 into release-2.0.0-rc.5 Oct 15, 2018
@rosshadden rosshadden deleted the hydra-consent-fixes branch October 15, 2018 19:58
@spencern spencern mentioned this pull request Oct 18, 2018
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@rosshadden rosshadden rosshadden approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

Oxford

Development

Successfully merging this pull request may close these issues.

3 participants

@impactmass @rosshadden