generated from gCubeCI/Pipeline-Docker-Template
Add support for multple authorization scopes for legacy token; JWT token will use only the first authorized scope defined in config.js
This commit is contained in:
parent
fc991a110c
commit
3c3bcdf838
|
@ -5,7 +5,7 @@ var config = {
|
|||
"debug": true,
|
||||
"legacy": true,
|
||||
"accounting": {
|
||||
"scope": "authorized_scope",
|
||||
"scopes": ["authorized_scope1", "authorizeed_scope2"],
|
||||
"service_name": "docker_stack_name",
|
||||
"host": "service_hostname"
|
||||
},
|
||||
|
|
|
@ -39,7 +39,7 @@ function enforce_legacy(r) {
|
|||
}
|
||||
|
||||
debug(context, JSON.stringify(context.config["accounting"], null, 2));
|
||||
var allowedcontexts = [context.config["accounting"]["scope"]]
|
||||
var allowedcontexts = context.config["accounting"]["scopes"]
|
||||
log(context, "Inside NJS enforce for " + r.method + " @ " + r.headersIn.host + "/" + r.uri)
|
||||
debug(context, "debug is " + JSON.stringify(defaultExport["config"]))
|
||||
const token = getGCubeToken(context)
|
||||
|
@ -456,7 +456,7 @@ function buildAccountingRecord(context) {
|
|||
"serviceName": defaultExport["accounting"]["service_name"],
|
||||
"duration": 0,
|
||||
"maxInvocationTime": 0,
|
||||
"scope": defaultExport["accounting"]["scope"],
|
||||
"scope": defaultExport["accounting"]["scopes"], // qui va cambiato per capire quale è lo scope corretto dell'utente
|
||||
"host": defaultExport["accounting"]["host"],
|
||||
"startTime": t,
|
||||
"id": uuid(),
|
||||
|
|
Loading…
Reference in New Issue