UMA policy with abac

[Rene Winklewski]

Currently it is possible to use attribute based access in UMA pilicies by defining a Javascript condition that can evaluate the the attributes of a resource and make a decision based on them.

curl -X POST \ http://localhost:8180/realms/photoz/authz/protection/uma-policy/{resource_id} \ -H 'Authorization: Bearer '$access_token \ -H 'Cache-Control: no-cache' \ -H 'Content-Type: application/json' \ -d '{ "name": "...", "description": "...", "scopes": ["read"], "condition": "if (...) {$evaluation.grant()}" }'

When the upload_scripts feature will be removed in the future, what would be the best way to do this?