oauth2-server icon indicating copy to clipboard operation
oauth2-server copied to clipboard

Published 20 hours ago verified publisher icon thephpleague

Restrict Characters for a Scope

Open Sephster opened this issue 5 years ago • 0 comments

The OAuth spec limits characters that can be used in a scope to the following:

scope-token = 1*( %x21 / %x23-5B / %x5D-7E )

I don't believe we currently have formal restrictions on the scope characters. If we do not, we need to add this in to provide better alignment with the OAuth 2 spec.

Sephster avatar Oct 18 '18 12:10 Sephster