malpercio.dev / atbb
WIP! A BB-style forum, on the ATmosphere! We're still working... we'll be back soon when we have something to show off!
node typescript hono htmx atproto
fork atom

Constrain OAuth Scopes to only what is needed by atBB #1

merged opened by malpercio.dev targeting main from adjust-oauth-scopes

Will require a new login for all users, but a deploy does that anyway since sessions are stored in memory currently ðŸĪŠ

Labels

None yet.

assignee

None yet.

Participants 1
AT URI
at://did:web:malpercio.dev/sh.tangled.repo.pull/3mfrrwhtoq322
+1 -1
Diff #0
unified split
+1 -1
apps/appview/src/lib/app-context.ts
··· 78 78 client_name: "atBB Forum", 79 79 client_uri: oauthUrl, 80 80 redirect_uris: [`${oauthUrl}/api/auth/callback`], 81 - scope: "atproto transition:generic", 81 + scope: "atproto include:space.atbb.authFull rpc:app.bsky.actor.getProfile?aud=did:web:api.bsky.app%23bsky_appview", 82 82 grant_types: ["authorization_code", "refresh_token"], 83 83 response_types: ["code"], 84 84 application_type: "web",

History

2 rounds 0 comments
sign up or login to add to the discussion
malpercio.dev submitted #1
diff interdiff
2 commits
expand
77ab53e5
feat: constrain oauth scopes
6c257d57
docs: document oauth scopes and sync test mock
expand 0 comments
pull request successfully merged
malpercio.dev submitted #0
1 commit
expand
77ab53e5
feat: constrain oauth scopes
expand 0 comments