Learn more about these different git repos.
Other Git URLs
Currently, default_config uses the (now deprecated) scope of "fedora" to get group and CLA information on a user. Please update this to use the scopes as registered on https://fedoraproject.org/wiki/Infrastructure/Authentication.
Timezone information should now be in the standard "profile" scope as documented on that same page.
These new registered scopes are currently live in development, staging and production, and my plan is to fully remove the "fedora" scope when this ticket gets closed.
If I understand correctly, we should replace the fedora scope with both groups and cla in the config file. Is it correct? Is there anything else we need to do?
fedora
groups
cla
Correct. As far as I know that should be it.
When I try that, the openid provider returns an error on the callback endoint: error_description=unknown+scope+groups+requested&error=invalid_scope
error_description=unknown+scope+groups+requested&error=invalid_scope
For development we are using https://iddev.fedorainfracloud.org/ as the provider.
https://iddev.fedorainfracloud.org/
This is the one that's literally in the documentation as an example:
Every service will first list it's base namespace, and then the scope ID and a short summary of the scopes. To get the full scope to request, append the scope ID to the base namespace. So for example, to get the group information, this becomes: https://id.fedoraproject.org/scope/groups
Indeed, it works much better with the prefix :-) We're also requesting the "openid" scope, is it OK? I don't see it in the wiki page.
Ah, thanks for pointing out I was missing that in the documentation. That is a required scope yes :).
Given that your pull request is merged, I'm going to remove the scope from all our instances in the coming week.
Is this one right to close now @abompard @puiterwijk ?
I think so.
Metadata Update from @abompard: - Issue assigned to abompard - Issue close_status updated to: Fixed - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.