Added scopes

juxt-site · Sep 1, 2023 · 77e4cc9 · 77e4cc9
1 parent d535ed6
commit 77e4cc9
Show file tree

Hide file tree

Showing 5 changed files with 27 additions and 3 deletions.
diff --git a/demo/petstore/openapi.json b/demo/petstore/openapi.json
@@ -1209,8 +1209,8 @@
           "implicit": {
             "authorizationUrl": "https://auth.example.org/oauth/authorize",
             "scopes": {
-              "write:pets": "modify pets in your account",
-              "read:pets": "read your pets"
+              "https://auth.example.org/scopes/petstore/write": "modify pets in your account",
+              "https://auth.example.org/scopes/petstore/read": "read your pets"
             }
           }
         }

diff --git a/installers/auth.example.org/operations/petstore/add-pet.edn b/installers/auth.example.org/operations/petstore/add-pet.edn
@@ -15,6 +15,8 @@
     (for [doc (:docs *prepare*)]
       [:xtdb.api/put doc])}
 
+   :juxt.site/scope
+   #{"https://auth.example.org/scopes/petstore/write"}
    :juxt.site/rules
    [
     [(allowed? subject operation resource permission)

diff --git a/installers/auth.example.org/scopes/petstore/read.edn b/installers/auth.example.org/scopes/petstore/read.edn
@@ -0,0 +1,9 @@
+{:deps
+ ["https://auth.example.org/operations/oauth/register-scope"
+  "https://auth.example.org/permissions/system/oauth/register-scope"]
+ :install
+ {:juxt.site/subject-uri "https://auth.example.org/_site/subjects/system"
+  :juxt.site/operation-uri "https://auth.example.org/operations/oauth/register-scope"
+  :juxt.site/input
+  {:xt/id "{{$id}}"
+   :juxt.site/description "Read stuff"}}}
diff --git a/installers/auth.example.org/scopes/petstore/write.edn b/installers/auth.example.org/scopes/petstore/write.edn
@@ -0,0 +1,9 @@
+{:deps
+ ["https://auth.example.org/operations/oauth/register-scope"
+  "https://auth.example.org/permissions/system/oauth/register-scope"]
+ :install
+ {:juxt.site/subject-uri "https://auth.example.org/_site/subjects/system"
+  :juxt.site/operation-uri "https://auth.example.org/operations/oauth/register-scope"
+  :juxt.site/input
+  {:xt/id "{{$id}}"
+   :juxt.site/description "Write stuff"}}}
diff --git a/installers/bundles.edn b/installers/bundles.edn
@@ -520,7 +520,11 @@
    {:juxt.site/base-uri "https://auth.example.org"
     :juxt.site/installer-path "/permissions/by-role/{{role}}/{{operation}}"
     :juxt.site/parameters {"role" "PetstoreOwner"
-                           "operation" "petstore/update-pet-by-id"}}]}
+                           "operation" "petstore/update-pet-by-id"}}
+   {:juxt.site/base-uri "https://auth.example.org"
+    :juxt.site/installer-path "/scopes/petstore/read"}
+   {:juxt.site/base-uri "https://auth.example.org"
+    :juxt.site/installer-path "/scopes/petstore/write"}]}
 
  "juxt/site/sessions"
  {:juxt.site/title "Sessions"