Skip to content

Commit 5021db5

Browse files
committed
fix: use the same scopes for auth session as other extensions
Fix #773. Red Hat SSO authentication provider matches existing sessions with exactly the same scopes. Sandbox should use the same scopes as other Red Hat extensions to avoid triggering authentication dialog when there is already session created by Red Hat SSO Authentication provider triggered from different Red Hat extension. Signed-off-by: Denis Golovin <dgolovin@redhat.com>
1 parent 3808e1b commit 5021db5

1 file changed

Lines changed: 10 additions & 3 deletions

File tree

src/extension.ts

Lines changed: 10 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -273,9 +273,16 @@ export async function activate(extensionContext: extensionApi.ExtensionContext):
273273
}
274274

275275
// use existing SSO session or request to login
276-
const ssoSession = await extensionApi.authentication.getSession('redhat.authentication-provider', ['openid'], {
277-
createIfNone: true,
278-
});
276+
const ssoSession = await extensionApi.authentication.getSession(
277+
'redhat.authentication-provider',
278+
[
279+
'api.iam.registry_service_accounts', //scope that gives access to hydra service accounts API
280+
'api.console',
281+
],
282+
{
283+
createIfNone: true,
284+
},
285+
);
279286

280287
// check Developer Sandbox status and sign up for it if possible
281288
let status: SBSignupResponse = await getDevSandboxSignUpStatus((ssoSession as any).idToken);

0 commit comments

Comments
 (0)