Skip to content

auth.middleware.{js,ts} scopes format does not conform to what SDK authmiddleware options require #84

New issue
New issue
Open
Open
auth.middleware.{js,ts} scopes format does not conform to what SDK authmiddleware options require#84
@sfernengel

Description

@sfernengel
sfernengel
opened on Aug 7, 2024

In the auth.middleware.{js,ts} files in each of the connect applications, we have the following code

  scopes: [
    readConfiguration().scope
      ? (readConfiguration().scope as string)
      : 'default',
  ],

This code only works if the CTP_SCOPE env variable contains a single value such as manage_project:xyz

To make it work with values separated by spaces, CTP_SCOPE=manage_customers:xyz manage_orders:xyz we need to modify the code to split a long string into an array of strings.

Suggestion: modify the code as follows:

scopes: readConfiguration().scope
    ? (readConfiguration().scope as string).split(' ')
    : undefined,

The undefined is there to tell the system that, the middleware will use the scopes assigned to the API Client while it was being created via MC or API.

In the future, there could be a pre-defined scope but since this is a template, I think undefined is a good fit.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions