in Source/FranceConnect.DataProvider/Filters/ConsentFilter.cs [16:30]
public override void OnActionExecuting(ActionExecutingContext context)
{
var receivedScope = context.HttpContext.Items["scope"] as string[];
if (receivedScope == null || !Scope.All(scope => receivedScope.Contains(scope)))
{
context.HttpContext.Response.StatusCode = (int)HttpStatusCode.Unauthorized;
context.HttpContext.Response.ContentType = "application/json";
context.Result = new JsonResult(new Error
{
error = "invalid_scope",
message = "The request does not contain required scopes"
});
}
}