Skip to content

Add hasScope as a valid SpEL expression to PreAuthorize, etc. #18013

New issue
New issue
Open
Open
Add hasScope as a valid SpEL expression to PreAuthorize, etc.#18013
Assignees
jzheaux
Labels
in: oauth2An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)type: enhancementA general enhancement
@kistlers

Description

@kistlers
kistlers
opened on Oct 6, 2025

Expected Behavior

In a similar fashion to the added hasScope for authorization rules (added with #13754), I would like to use hasScope(scope) in SpEL expressions in @PreAuthorize, i.e.:

@PreAuthorize("hasScope('read'")

Current Behavior

This can already be achieved using hasAuthority:

@PreAuthorize("hasAuthority('SCOPE_read'")

Evidently, not a big issue. But I'd like to add that hasRole also exists:

private String defaultRolePrefix = "ROLE_";

@Override
public final boolean hasAnyRole(String... roles) {
    return hasAnyAuthorityName(this.defaultRolePrefix, roles);
}

Metadata

Metadata

Assignees

Labels

in: oauth2An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)type: enhancementA general enhancement

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions