So currently when I am handling issuing OAuth tokens, multiple grant types are used for different endpoints in my proxies. What I am trying to do is check that the scopes requested for a particular grant type don’t include a certain scope.
Here is an example of what I am trying to do:
request.queryparam.response_type = “code” and request.queryparam.scope ~~ “scope_name”
So this works fine if scope_name is the only scope being requested. But if anything else is requested at the same time, it issues the token which I don’t want.
So my question is, how can I do a partial match? So if for example the requested scopes are scope_reject scope_approve, if scope_reject exists anywhere in the scope queryparam it finds the match.
Any assistance would be great!
Cheers.