Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[FEATURE] Suppression du scope pour les AT et RT (PIX-15926) #11317

Open
wants to merge 4 commits into
base: dev
Choose a base branch
from
Open

[FEATURE] Suppression du scope pour les AT et RT (PIX-15926) #11317

wants to merge 4 commits into from
+19 −290

Conversation

bpetetot
Copy link
Contributor

@bpetetot bpetetot commented Feb 4, 2025
edited
Loading

!!! Nécessite l'activation du confinement des AT en prod avant de merger.

🥞 Problème

Jusqu'à présent, le domaine (orga, app, certif etc) était transmis via le paramètre 'scope' aux routes d'obtention des Access Tokens. Depuis qu'on utilise l'audience (qui porte la même information), le scope n'est plus nécessaire.

🥓 Proposition

Supprimer le scope des routes et controllers concernés.

Scout rule: Suppression d'un pre-handler de monitoring sur la route /api/token qui était un test temporaire (vu avec Romain)

😋 Pour tester

  • Se connecter à une des applications Pix
  • Vérifier qu'on a bien un Access Token
  • Pour vérifier le fonctionnement du Refresh Token :
curl 'https://app.dev.pix.fr/api/token'
  -H 'Content-Type: application/x-www-form-urlencoded'
  --data-raw 'grant_type=refresh_token&refresh_token=<REFRESH_TOKEN>'

Remplacer l'URL du cURL suivant l'environnement utilisé

@bpetetot bpetetot self-assigned this Feb 4, 2025
@bpetetot bpetetot changed the title [FEATURE] Suppresion du scope pour les AT et RT (PIX-15926) [FEATURE] Suppression du scope pour les AT et RT (PIX-15926) Feb 4, 2025
@pix-bot-github
Copy link

Une fois les applications déployées, elles seront accessibles via les liens suivants :

Les variables d'environnement seront accessibles via les liens suivants :

@bpetetot bpetetot force-pushed the pix-15926-remove-scope-from-user-authentication branch from 8a8d3b1 to 0dfb4bc Compare February 4, 2025 13:58
@Libouk Libouk force-pushed the pix-15926-remove-scope-from-user-authentication branch from 0dfb4bc to c2bea63 Compare February 4, 2025 14:26
@Libouk Libouk marked this pull request as ready for review February 5, 2025 08:55
@Libouk Libouk requested a review from a team as a code owner February 5, 2025 08:55
@Libouk Libouk added 👀 Tech Review Needed 👀 Func Review Needed Need PO validation for this functionally and removed Development in progress labels Feb 5, 2025
@bpetetot bpetetot added Development in progress and removed 👀 Tech Review Needed 👀 Func Review Needed Need PO validation for this functionally labels Feb 5, 2025
@P-Jeremy
Copy link
Contributor

P-Jeremy commented Feb 5, 2025

Func review OK ✅

retour de la commande Curl avec le nouveau refresh token généré

@bpetetot bpetetot force-pushed the pix-15926-remove-scope-from-user-authentication branch from c2bea63 to 6961d3e Compare February 6, 2025 10:08
@bpetetot bpetetot force-pushed the pix-15926-remove-scope-from-user-authentication branch from 6961d3e to fcf01a2 Compare February 6, 2025 10:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@bpetetot bpetetot

Labels
👀 Func Review Needed Need PO validation for this functionally 👀 Tech Review Needed team-acces ⚠️ Blocked
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@bpetetot @pix-bot-github @P-Jeremy @Libouk