Merge pull request #12758 from rabbitmq/mergify/bp/v4.0.x/pr-12752

By @Hathoute: consider additional_scopes_key when multiple OAuth 2 backends are used (backport #12752)

Author: michaelklishin

deps/rabbitmq_auth_backend_oauth2/src/rabbit_oauth2_schema.erl

@@ -7,13 +7,18 @@
 
 -module(rabbit_oauth2_schema).
 
-
 -export([
     translate_oauth_providers/1,
     translate_resource_servers/1,
     translate_signing_keys/1
 ]).
 
+-define(RESOURCE_SERVERS_SYNONYMS, #{
+    "additional_scopes_key" => "extra_scopes_source"
+  }).
+
+resource_servers_key_synonym(Key) -> maps:get(Key, ?RESOURCE_SERVERS_SYNONYMS, Key).
+
 extract_key_as_binary({Name,_}) -> list_to_binary(Name).
 extract_value({_Name,V}) -> V.
 
@@ -99,7 +104,7 @@ extract_resource_server_properties(Settings) ->
     KeyFun = fun extract_key_as_binary/1,
     ValueFun = fun extract_value/1,
 
-    OAuthProviders = [{Name, {list_to_atom(Key), list_to_binary(V)}}
+    OAuthProviders = [{Name, {list_to_atom(resource_servers_key_synonym(Key)), list_to_binary(V)}}
         || {["auth_oauth2","resource_servers", Name, Key], V} <- Settings ],
     maps:groups_from_list(KeyFun, ValueFun, OAuthProviders).
 

deps/rabbitmq_auth_backend_oauth2/test/config_schema_SUITE_data/rabbitmq_auth_backend_oauth2.snippets

@@ -91,7 +91,7 @@
                   {id, <<"rabbitmq-operations">>}
                 ],
                 <<"rabbitmq-customers">> => [
-                  {additional_scopes_key, <<"roles">>},
+                  {extra_scopes_source, <<"roles">>},
                   {id, <<"rabbitmq-customers">>}
                 ]
               }

deps/rabbitmq_auth_backend_oauth2/test/rabbit_oauth2_schema_SUITE.erl

@@ -87,11 +87,11 @@ test_resource_servers_attributes(_) ->
             {["auth_oauth2","resource_servers","rabbitmq1","preferred_username_claims","1"],"userid"},
             {["auth_oauth2","resource_servers","rabbitmq1","preferred_username_claims","2"],"groupid"}
             ],
-    #{<<"rabbitmq1xxx">> := [{additional_scopes_key, <<"roles">>},
-                          {id, <<"rabbitmq1xxx">>},
-                          {preferred_username_claims, [<<"userid">>, <<"groupid">>]},
-                          {scope_prefix, <<"somescope.">>}
-                        ]
+    #{<<"rabbitmq1xxx">> := [{extra_scopes_source, <<"roles">>},
+                             {id, <<"rabbitmq1xxx">>},
+                             {preferred_username_claims, [<<"userid">>, <<"groupid">>]},
+                             {scope_prefix, <<"somescope.">>}
+                            ]
     } = sort_settings(rabbit_oauth2_schema:translate_resource_servers(Conf)),
 
     Conf2 = [
@@ -100,11 +100,11 @@ test_resource_servers_attributes(_) ->
             {["auth_oauth2","resource_servers","rabbitmq1","preferred_username_claims","1"],"userid"},
             {["auth_oauth2","resource_servers","rabbitmq1","preferred_username_claims","2"],"groupid"}
             ],
-    #{<<"rabbitmq1">> := [{additional_scopes_key, <<"roles">>},
+    #{<<"rabbitmq1">> := [{extra_scopes_source, <<"roles">>},
                           {id, <<"rabbitmq1">>},
                           {preferred_username_claims, [<<"userid">>, <<"groupid">>]},
                           {scope_prefix, <<"somescope.">>}
-                        ]
+                         ]
     } = sort_settings(rabbit_oauth2_schema:translate_resource_servers(Conf2)).
 
 test_oauth_providers_attributes_with_invalid_uri(_) ->