scope is a Go library for validating OIDC token scopes. It allows you to verify if tokens meet validation requirements described in the RFC6749 document.
The following example illustrates how to verify the OIDC scope string. The scope must include the openid token.
import (
"fmt"
"strings"
"github.com/qba73/scope"
)
func main() {
scopes := []string{"openid myscope email", "myscope email"}
for _, s := range scopes {
if !scope.ValidOIDC(s) {
fmt.Println("invalid scope")
}
}
}The following example illustrates how to verify tokens in the scope. Note that func Valid() validates
if tokens do not contain unsupported characters.
import (
"fmt"
"strings"
"github.com/qba73/scope"
)
func main() {
tokens := "openid myscope email"
for _, token := range strings.Split(tokens, "+") {
if !scope.Valid(token) {
fmt.Printf("scope/token %v is not valid\n", token)
}
fmt.Printf("scope/token %v is valid\n", token)
}
}If you find a bug in the scope library, please open an issue. Similarly, if you'd like a feature added or improved, let me know via an issue.
Pull requests welcome!