Skip to content

Commit

Permalink
Set missing Shield.settings.bearer_login_scopes_allowed option
Browse files Browse the repository at this point in the history
  • Loading branch information
@akadusei
akadusei committed Jul 11, 2024
1 parent 905281b commit 3fdbea8
Show file tree
Hide file tree
Showing 3 changed files with 9 additions and 1 deletion.
3 changes: 3 additions & 0 deletions config/shield.cr
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,7 @@
Shield.configure do |settings|
settings.bearer_login_scopes_allowed =
ENV["BEARER_LOGIN_SCOPES_ALLOWED"]?.try(&.split) || [] of String

settings.bearer_login_expiry = ENV["BEARER_LOGIN_EXPIRY"]?.try do |expiry|
Time::Span.new(seconds: expiry.to_i)
end
Expand Down
3 changes: 3 additions & 0 deletions sample.env.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -66,6 +66,9 @@ password:

skip_log_regex: code|password|secret|token

bearer_login:
scopes_allowed: api.current_user.show api.current_user.update

jobs:
batch_size: '-1'
poll_interval: '3' # seconds
Expand Down
4 changes: 3 additions & 1 deletion src/pages/current_user/bearer_logins/new_page.cr
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,6 +46,8 @@ struct CurrentUser::BearerLogins::NewPage < MainLayout
end

private def options_for_scopes
BearerScope.action_scopes.map { |scope| {scope.to_s, scope.to_s} }
Shield.settings.bearer_login_scopes_allowed.map do |scope|
{scope, scope}
end
end
end

0 comments on commit 3fdbea8

Please sign in to comment.