Fix resource server error with scope

2025-02-01 18:51:17 +01:00 · 2025-02-01 18:51:17 +01:00 · 8b8bbcd7a0
commit 8b8bbcd7a0
parent e9bc6c671a
4 changed files with 20 additions and 15 deletions
--- a/src/oidc_test/resource_server.py
+++ b/src/oidc_test/resource_server.py
@ -22,19 +22,15 @@ async def get_resource(resource_id: str, user: User) -> dict:
    # but this has to be refined for production
    required_scope = f"get:{resource_id}"
    # Check if the required scope is in the scopes allowed in userinfo
-    if "required_scope" in user.userinfo:
-        user_scopes = user.userinfo["required_scope"].split(" ")
-        if required_scope in user_scopes:
-            await process(user, required_scope, resp)
-        else:
-            ## For the showcase, giving a explanation.
-            ## Alternatively, raise HTTP_401_UNAUTHORIZED
-            resp["sorry"] = (
-                f"No scope {required_scope} in the access token "
-                + "but it is required for accessing this resource."
-            )
+    if user.has_scope(required_scope):
+        await process(user, resource_id, resp)
    else:
-        resp["sorry"] = "There is no scope in id token"
+        ## For the showcase, giving a explanation.
+        ## Alternatively, raise HTTP_401_UNAUTHORIZED
+        resp["sorry"] = (
+            f"No scope {required_scope} in the access token "
+            + "but it is required for accessing this resource."
+        )
    return resp


@ -51,9 +47,7 @@ async def process(user, resource_id, resp):
            bs = await client.get("https://corporatebs-generator.sameerkumar.website/")
            resp["bs"] = bs.json().get("phrase", "Sorry, i am out of BS today.")
    else:
-        resp["sorry"] = (
-            f"I don't known how to give '{resource_id}' but i know corporate bs."
-        )
+        resp["sorry"] = f"I don't known how to give '{resource_id}'."


 # assert user.oidc_provider is not None