app-extension-auth's Issues
Not possibly to grant write_content scope
When i'm trying to modify my scope, it never gives me write permissions.
Expected Behavior
Based on that auth file:
import {AuthHandlerParams} from '@storyblok/app-extension-auth'
export const endpointPrefix = '/api/authenticate'
export const authHandlerParams: AuthHandlerParams = {
clientId: process.env.CLIENT_ID,
clientSecret: process.env.CLIENT_SECRET,
baseUrl: process.env.BASE_URL,
successCallback: '/',
errorCallback: '/401',
endpointPrefix,
// Increase scope if needed
scope: ['read_content', 'write_content'],
}
should be able to give me write_content
scope
Current Behavior
It always gives only read_content
scope.
Potential solution
I think in storyblok-auth-api/grant/grant-handler.ts
, custom scope from params is just not being passed, and only hardcoded one is used:
export const grantHandler =
(params: GrantHandlerParams): RequestHandler =>
async (req, res) => {
const { clientId, clientSecret, endpointPrefix, baseUrl, } = params
void (await grant.node({
config: {
defaults: {
origin: baseUrl,
transport: 'session',
prefix: endpointPrefix,
},
storyblok: {
client_id: clientId,
client_secret: clientSecret,
scope: ['read_content'],
callback: `${endpointPrefix}/${callbackRouteSlug}`,
profile_url: userinfo_endpoint,
response: ['tokens', 'profile', 'raw'], // raw is needed for the expires_in, token is needed for profile
pkce: true,
state: true,
token_endpoint_auth_method: 'client_secret_post',
},
},
session: {
secret: clientSecret,
name: grantCookieName,
cookie: {
path: '/',
secure: true,
sameSite: 'none', // Needed since custom apps are embedded in iframes
httpOnly: true, // The refresh token must not be accessible via client-side javascript
},
},
})(req, res))
}
Steps to Reproduce
Just use provided nextjs template. And modify src/auth.ts
to:
import {AuthHandlerParams} from '@storyblok/app-extension-auth'
export const endpointPrefix = '/api/authenticate'
export const authHandlerParams: AuthHandlerParams = {
clientId: process.env.CLIENT_ID,
clientSecret: process.env.CLIENT_SECRET,
baseUrl: process.env.BASE_URL,
successCallback: '/',
errorCallback: '/401',
endpointPrefix,
// Increase scope if needed
scope: ['read_content', 'write_content'],
}
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.