Function validateScope

validateScope(
    scope: string | undefined,
    __namedParameters: validateScopeParams,
    _config: unknown,
): Promise<{ scope: string }>
Validates requested scope values against the client allowed scopes.

Why (Security)
Scope allow-listing prevents privilege escalation through overbroad scope requests.

Specifications
- RFC 6749 (OAuth 2.0 Authorization Framework) Section 3.3, scope parameter
- RFC 6749 (OAuth 2.0 Authorization Framework) Section 5.1, scope response semantics
- OpenID4VCI, scope-constrained credential authorization
Parameters
- scope: string | undefined
- __namedParameters: validateScopeParams
- _config: unknown
Returns Promise<{ scope: string }>
- Defined in packages/server-core/src/statements/validations/validateScope.ts:21