Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Security Token Validation - OAuth2 #172

Open
mohanar2 opened this issue Jul 21, 2020 · 3 comments
Open

Security Token Validation - OAuth2 #172

mohanar2 opened this issue Jul 21, 2020 · 3 comments
Labels
enhancement New feature or request

Comments

@mohanar2
Copy link

Currently sysl-go don't have the ability to validate the security token and perform any scope checks for an endpoint.
@orlade-anz
Copy link
Collaborator

@mohanar2 Can you provide some more context on this? Is it blocking some particular piece of work?

@orlade-anz orlade-anz added the enhancement New feature or request label Jul 24, 2020
@mohanar2
Copy link
Author

mohanar2 commented Jul 24, 2020
edited
Loading

This isn't blocking any of our current work. This is an enhancement that we need for validating JWT. @andrewemeryanz is aware of this change that we have requested.

The idea is to define a JWT Scope for every endpoint we define in .sysl. And let sysl build the capability to validate the token and check if the scope is present in the JWT every-time someone calls the endpoint.

Since all the boiler-plate code is being auto generated, we feel this ability to validate the token can be bundled along.

@andrewemeryanz
Copy link
Contributor

The proposal is to perform validation of a jwt scope using the jwtauth library.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@orlade-anz @andrewemeryanz @mohanar2