outposts/proxy: fix error handling, remove requirement for profile/etc scopes

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-14 21:44:28 +01:00
parent 829e49275d
commit 4c45d35507
4 changed files with 18 additions and 24 deletions
--- a/internal/outpost/proxyv2/application/auth_bearer.go
+++ b/internal/outpost/proxyv2/application/auth_bearer.go
@ -52,10 +52,6 @@ func (a *Application) attemptBearerAuth(r *http.Request, token string) *TokenInt
 		a.log.Warning("token is not active")
 		return nil
 	}
-	if !strings.Contains(intro.Scope, "openid") || !strings.Contains(intro.Scope, "profile") {
-		a.log.Error("token missing openid or profile scope")
-		return nil
-	}
 	intro.RawToken = token
 	a.log.Trace("successfully introspected bearer token")
 	return &intro