oauth2-server
oauth2-server copied to clipboard
Restrict Characters for a Scope
The OAuth spec limits characters that can be used in a scope to the following:
scope-token = 1*( %x21 / %x23-5B / %x5D-7E )
I don't believe we currently have formal restrictions on the scope characters. If we do not, we need to add this in to provide better alignment with the OAuth 2 spec.