
Documentation missing for DRF TokenHasResourceScope behavior #410

Open
@evitolins

Description

@evitolins

The DRF permissions class TokenHasResourceScope requires that tokens use a colon-separated syntax to explicitly specify read/write scopes (i.e. "music:read music:write"). This scope syntax is mentioned nowhere within the docs as far as I've found.

The following info seems like it would be necessary to understand to successfully utilize this workflow.

Based on this example from the TokenHasResourceScope docs:

from rest_framework import views
from oauth2_provider.contrib.rest_framework import OAuth2Authentication, TokenHasResourceScope

class SongView(views.APIView):
    authentication_classes = [OAuth2Authentication]
    permission_classes = [TokenHasResourceScope]
    required_scopes = ['music']
    ...

Token Scope Syntax

A valid token's scope is set in this fashion, to grant both read and write permissions for this view.

music:read music:write

However, defining a token's scope without appending specific read and/or write access will not work.

music

Settings

Within your scope settings, you must declare each scope explicitly.

OAUTH2_PROVIDER = {
    'SCOPES': {
        'music:read' : 'Read music accessible by your account.',
        'music:write' : 'Write music accessible by your account.',
        # ...
    }
}
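To make the behaviour the issue describes concrete, here is an added stand-alone model of the resource-scope check. It is not django-oauth-toolkit's own code; it assumes the default "read"/"write" suffixes, that safe HTTP methods (GET, HEAD, OPTIONS) map to read and everything else to write, and that a token can only carry scopes declared in the SCOPES setting.

```python
# Stand-alone model of the TokenHasResourceScope behaviour described above.
# Assumption: safe HTTP methods need "<resource>:read", all other methods need
# "<resource>:write" (the default suffixes). This is a reproduction of the
# described behaviour, not django-oauth-toolkit's own implementation.
SAFE_METHODS = ("GET", "HEAD", "OPTIONS")
READ_SCOPE = "read"
WRITE_SCOPE = "write"

# Constructed settings mirroring the OAUTH2_PROVIDER['SCOPES'] example.
CONFIGURED_SCOPES = {
    "music:read": "Read music accessible by your account.",
    "music:write": "Write music accessible by your account.",
}


def required_resource_scopes(required_scopes, method):
    """Expand a view's required_scopes into the colon-suffixed scopes
    that a request using this HTTP method must carry."""
    suffix = READ_SCOPE if method.upper() in SAFE_METHODS else WRITE_SCOPE
    return ["%s:%s" % (scope, suffix) for scope in required_scopes]


def token_has_resource_scope(token_scope, required_scopes, method):
    """Return True if a token whose issued scope string is `token_scope`
    (space-separated) satisfies the view's required_scopes for `method`."""
    granted = set(token_scope.split())
    needed = required_resource_scopes(required_scopes, method)
    # The provider refuses to issue tokens for undeclared scopes, so a
    # resource:action pair missing from SCOPES can never be satisfied.
    # That issuance-time rule is modelled here as part of the check.
    if any(scope not in CONFIGURED_SCOPES for scope in needed):
        return False
    return all(scope in granted for scope in needed)


def explain(token_scope, required_scopes, method):
    """Human-readable verdict for one token/method combination."""
    needed = required_resource_scopes(required_scopes, method)
    ok = token_has_resource_scope(token_scope, required_scopes, method)
    verdict = "allowed" if ok else "denied"
    return "%s with scope %r needs %s: %s" % (method, token_scope, needed, verdict)


if __name__ == "__main__":
    # A bare "music" scope is denied for every method; only the suffixed
    # scopes grant access, and write access needs "music:write".
    for scope in ("music:read music:write", "music:read", "music"):
        for method in ("GET", "POST"):
            print(explain(scope, ["music"], method))
```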
