tangled.org / core
Monorepo for Tangled tangled.org
fork atom

oauth: add granular scope request for atproto records & everything tangled-related #1014

merged opened by lewis.moe targeting master from lewis.moe/tangled-core: fix-oauth-scopes
Labels

None yet.

assignee

None yet.

Participants 2
AT URI
at://did:plc:3fwecdnvtcscjnrx2p4n7alz/sh.tangled.repo.pull/3mczoufpgjz22
+1 -1
Interdiff #0 โ†’ #1
unified split
appview/oauth/oauth.go

This file has not been changed.

+1 -1
appview/oauth/scopes.go
··· 23 "repo:sh.tangled.string", 24 "repo:sh.tangled.actor.profile", 25 26 - "blob", 27 28 "rpc:sh.tangled.repo.create?aud=*", 29 "rpc:sh.tangled.repo.delete?aud=*",
··· 23 "repo:sh.tangled.string", 24 "repo:sh.tangled.actor.profile", 25 26 + "blob:*/*", 27 28 "rpc:sh.tangled.repo.create?aud=*", 29 "rpc:sh.tangled.repo.delete?aud=*",

History

2 rounds 3 comments
sign up or login to add to the discussion
lewis.moe submitted #1
interdiff
1 commit
expand
d74a6eb4
oauth: add granular scope request for atproto records & everything tangled-related
expand 3 comments
oppi.li

very nice work! we use a fork of indigo that exposes NSID consts:

import 	"tangled.org/core/api/tangled"

fmt.Println(tangled.ActorProfileNSID)

Would it make sense to use these consts in the scope-strings? happy with the existing patch as-is too, if not.

lewis.moe

Using consts might end up looking like:

"repo:" + tangled.ActorProfileNSID,
"rpc:" + tangled.RepoCreateNSID + "?aud=*"

we'd kinda lose the readability of plain strings without gaining compile-time safety, and when an nsid changes, we'd have to update both the lexicon and this scope list anyway

oppi.li

lgtm!

pull request successfully merged
lewis.moe submitted #0
diff
1 commit
expand
aade2758
oauth: add granular scope request for atproto records & everything tangled-related
expand 0 comments