how to use scopes in Oauth2.0 to authorize user using Express Gateway(Microservice API Gateway)?

Question

I did scopes with key-auth mechanism is perfectly working, but when i use scopes with Oauth2.0 mechanism, i am getting unauthorized error. I did without scopes, the Oauth2.0 mechanism is working perfectly. Please suggest how to solve this problem?

Following is Gateway YAML configuration:

http:
  port: 8080
admin:
  port: 9876
  host: localhost
apiEndpoints:
  api:
    - host: 'localhost'
      paths: ['/user', '/user/:id']
      methods: ["GET"]
      scopes: ["user"]
    - host: 'localhost'
      paths: ['/user', '/user/:id']
      methods: ["PUT", "POST", "DELETE"]
      scopes: ["admin"]
  myApiRest:
    host: 'localhost'
    paths: '/posts'
serviceEndpoints:
  jsonplaceholder:
    url: 'http://localhost:8899'
  restDummyService:
    url: 'https://jsonplaceholder.typicode.com'
policies:
  - basic-auth
  - cors
  - expression
  - key-auth
  - log
  - oauth2
  - proxy
  - rate-limit
pipelines:
  - name: one
    apiEndpoints:
      - api
    policies:
      -  oauth2:
      #- basic-auth:
      #- key-auth:
      - proxy:
        - action:
            serviceEndpoint: jsonplaceholder
            changeOrigin: true
  - name: two
    apiEndpoints:
      - myApiRest
    policies:
      #- key-auth:
      - proxy:
        - action:
            serviceEndpoint: restDummyService
            changeOrigin: true

You might want to show your configuration files and the steps you did to create such stuff, otherwise it's hard to help you here. — Vincenzo, Aug 17 '19 at 16:56

how to use scopes in Oauth2.0 to authorize user using Express Gateway(Microservice API Gateway)?

0 Answers0