Nemcio/SCM-Manager
1
0
Fork 0
mirror of https://github.com/scm-manager/scm-manager.git synced 2026-05-07 22:06:31 +02:00
Code Issues Packages Projects Releases Activity

use api key scope when creating access tokens from api keys instead of full user scope

Browse Source
This commit is contained in:
Konstantin Schaper
2020-11-02 17:13:13 +01:00
parent 5c755cd0c9
commit 56331c4201
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
scm-webapp/src/main/java/sonia/scm/security/JwtAccessTokenBuilder.java
View File

@@ -156,7 +156,7 @@ public final class JwtAccessTokenBuilder implements AccessTokenBuilder {
@Override
public JwtAccessToken build() {
if (SecurityUtils.getSubject().getPrincipals().getRealmNames().contains(ApiKeyRealm.NAME)) {
throw new AuthorizationException("Cannot create access token for api keys");
scope = Scope.valueOf(SecurityUtils.getSubject().getPrincipals().oneByType(Scope.class));
}
String id = keyGenerator.createKey();