TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-03-04 06:45:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: add scope profile to PAT (#6154)

Browse Source 
Co-authored-by: Fabi <fabienne@zitadel.com>
This commit is contained in:
Livio Spring 2023-07-07 17:31:42 +02:00 committed by GitHub
parent 59d67bde5f
commit 6319fdda9e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
internal/api/grpc/management/user.go
View File

@ -854,7 +854,7 @@ func (s *Server) ListPersonalAccessTokens(ctx context.Context, req *mgmt_pb.List
} }
func (s *Server) AddPersonalAccessToken(ctx context.Context, req *mgmt_pb.AddPersonalAccessTokenRequest) (*mgmt_pb.AddPersonalAccessTokenResponse, error) { func (s *Server) AddPersonalAccessToken(ctx context.Context, req *mgmt_pb.AddPersonalAccessTokenRequest) (*mgmt_pb.AddPersonalAccessTokenResponse, error) {
scopes := []string{oidc.ScopeOpenID, z_oidc.ScopeUserMetaData, z_oidc.ScopeResourceOwner} scopes := []string{oidc.ScopeOpenID, oidc.ScopeProfile, z_oidc.ScopeUserMetaData, z_oidc.ScopeResourceOwner}
pat := AddPersonalAccessTokenRequestToCommand(req, authz.GetCtxData(ctx).OrgID, scopes, domain.UserTypeMachine) pat := AddPersonalAccessTokenRequestToCommand(req, authz.GetCtxData(ctx).OrgID, scopes, domain.UserTypeMachine)
details, err := s.command.AddPersonalAccessToken(ctx, pat) details, err := s.command.AddPersonalAccessToken(ctx, pat)
if err != nil { if err != nil {

2
internal/api/grpc/system/instance_converter.go
View File

@ -111,7 +111,7 @@ func createInstancePbToAddMachine(req *system_pb.CreateInstanceRequest_Machine,
if defaultMachine.Pat != nil || req.PersonalAccessToken != nil { if defaultMachine.Pat != nil || req.PersonalAccessToken != nil {
pat := command.AddPat{ pat := command.AddPat{
// Scopes are currently static and can not be overwritten // Scopes are currently static and can not be overwritten
Scopes: []string{oidc.ScopeOpenID, z_oidc.ScopeUserMetaData, z_oidc.ScopeResourceOwner}, Scopes: []string{oidc.ScopeOpenID, oidc.ScopeProfile, z_oidc.ScopeUserMetaData, z_oidc.ScopeResourceOwner},
} }
if req.GetPersonalAccessToken().GetExpirationDate().IsValid() { if req.GetPersonalAccessToken().GetExpirationDate().IsValid() {
pat.ExpirationDate = req.PersonalAccessToken.ExpirationDate.AsTime() pat.ExpirationDate = req.PersonalAccessToken.ExpirationDate.AsTime()

2
internal/integration/integration.go
View File

@ -174,7 +174,7 @@ func (s *Tester) createMachineUser(ctx context.Context, instanceId string) {
logging.OnError(err).Fatal("add org member") logging.OnError(err).Fatal("add org member")
} }
scopes := []string{oidc.ScopeOpenID, z_oidc.ScopeUserMetaData, z_oidc.ScopeResourceOwner} scopes := []string{oidc.ScopeOpenID, oidc.ScopeProfile, z_oidc.ScopeUserMetaData, z_oidc.ScopeResourceOwner}
pat := command.NewPersonalAccessToken(user.ResourceOwner, user.ID, time.Now().Add(time.Hour), scopes, domain.UserTypeMachine) pat := command.NewPersonalAccessToken(user.ResourceOwner, user.ID, time.Now().Add(time.Hour), scopes, domain.UserTypeMachine)
_, err = s.Commands.AddPersonalAccessToken(ctx, pat) _, err = s.Commands.AddPersonalAccessToken(ctx, pat)
logging.OnError(err).Fatal("add pat") logging.OnError(err).Fatal("add pat")