providers/oauth2: if no scopes are sent in authorize request, select all configured scopes

closes #3112

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Jens Langhammer
2022-07-01 18:29:24 +02:00
parent d11ce0a86e
commit 23273f53cc
3 changed files with 40 additions and 5 deletions


@ -30,6 +30,10 @@ slug: "2022.7"
Instead of having to choose between using the `:latest` tag and explicit versions like `:2022.7.1`, there are now also version-family tags (:2022.7). This allows for sticking with a single version but still getting bugfix updates.
- OAuth2 Provider default Scopes
Starting with authentik 2022.7, when an OAuth client doesn't specify any scopes, authentik will treat the request as if all the configured scopes of that provider had been requested. Normal consent is still required depending on the configured flow. No special scopes will be added, as those can't be selected in the configuration.
## Minor changes/fixes
- api: add basic jwt support with required scope (#2624)
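Review bot: The new "OAuth2 Provider default Scopes" entry does not say what happened before 2022.7 when a client sent no scopes, so a reader cannot tell how much this widens what an existing client receives. Suggest adding one sentence on the previous behaviour and a pointer for operators to review the scopes configured on each provider, since "Normal consent is still required depending on the configured flow" reads as though whether the user is prompted depends on the flow. "special scopes" is also undefined in this entry; naming them or linking to where they are documented would make the last sentence checkable.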