Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 46a9c3f

Browse files
MarcialRosalesMarcialRosales
committed
Update section relative to custom scopes
1 parent e40210e commit 46a9c3f

File tree

1 file changed

+9
-10
lines changed

1 file changed

+9
-10
lines changed

README.md

Lines changed: 9 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -517,14 +517,15 @@ make curl-with-token URL=http://localhost:15672/api/overview TOKEN=$(bin/jwt_tok
517517

518518
### Use custom scopes
519519

520-
In this use case you are going to demonstrate how to configure RabbitMQ to handle
520+
This section shows how to configure RabbitMQ to handle
521521
*custom scopes*. But what are *custom scopes*? They are any
522522
scope whose format is not compliant with RabbitMQ format. For instance, `api://rabbitmq:Read.All`
523523
is one of the custom scopes you will use in this use case.
524524

525525
#### How to configure RabbitMQ with custom scope mapping
526526

527-
Since RabbitMQ `3.10.0-rc.6`, you are able to map a custom scope to one or many RabbitMQ scopes.
527+
Custom scopes must be configured in the `advanced.config` configuration file.
528+
528529
See below a sample RabbitMQ configuration where you map `api://rabbitmq:Read.All`
529530
custom scope to `rabbitmq.read:*/*` RabbitMQ scope.
530531
```
@@ -538,7 +539,7 @@ custom scope to `rabbitmq.read:*/*` RabbitMQ scope.
538539
]}
539540
```
540541

541-
Additionally, you can map a custom scope to many RabbitMQ scopes. For instance below you
542+
You can map a custom scope to one or many RabbitMQ scopes. For instance below you
542543
are mapping the role `api://rabbitmq:producer` to 3 RabbitMQ scopes which grants
543544
`read`, `write` and `configure` access on any resource and on any vhost:
544545
```
@@ -558,7 +559,7 @@ are mapping the role `api://rabbitmq:producer` to 3 RabbitMQ scopes which grants
558559

559560
#### How custom scopes are carried in JWT tokens
560561

561-
If you do not configure RabbitMQ OAuth2 plugin with `extra_scopes_source`, RabbitMQ
562+
If you do not configure RabbitMQ OAuth2 plugin with `additional_scopes_key`, RabbitMQ
562563
expects the `scope` token's field to carry *custom scopes*. For instance, below you have a sample JWT
563564
token where the custom scopes are in the `scope` field :
564565
```
@@ -574,12 +575,10 @@ token where the custom scopes are in the `scope` field :
574575
}
575576
```
576577

577-
Now, let's say you do configure RabbitMQ OAuth2 plugin with `extra_scopes_source` as shown below:
578-
```
579-
{rabbitmq_auth_backend_oauth2, [
580-
{resource_server_id, <<"rabbitmq">>},
581-
{extra_scopes_source, <<"roles">>},
582-
...
578+
Now, let's say you do configure RabbitMQ OAuth2 plugin with `additional_scopes_key` as shown below:
579+
```ini
580+
auth_oauth2.resource_server_id = rabbitmq
581+
auth_oauth2.additional_scopes_key = roles
583582
```
584583

585584
With this configuration, RabbitMQ expects *custom scopes* in the field `roles` and

0 commit comments

Comments
 (0)