Skip to content

Brittle coupling of OAuth 2.0 scopes in Swagger UI and UserCredentialsProvider #4338

New issue
New issue
Open
Bug
Open
Brittle coupling of OAuth 2.0 scopes in Swagger UI and UserCredentialsProvider#4338
Bug
Labels
-[priority] Mediumauthorization[subject] Enforcing of access controlsdebt[type] A defect incurring continued engineering costgroomed[process] Issue was recently looked at during backlog groomingorange[process] Done by the Azul teamservice[subject] The service part of Azul
@hannes-ucsc

Description

@hannes-ucsc
hannes-ucsc
opened on Jul 26, 2022

azul/lambdas/service/app.py

Line 263 in 4c22bf3

scopes = ('email',)

vs

azul/src/azul/terra.py

Line 274 in a5d0ce8

return ['https://www.googleapis.com/auth/userinfo.email']

They are different (but semantically equivalent), and changing one requires changing the other.

Solve together with #5095

Metadata

Metadata

Assignees

No one assigned

    Labels

    -[priority] Mediumauthorization[subject] Enforcing of access controlsdebt[type] A defect incurring continued engineering costgroomed[process] Issue was recently looked at during backlog groomingorange[process] Done by the Azul teamservice[subject] The service part of Azul

    Type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions