From d8a1074afe3eb05f519f02f5c92ce9efe932cc27 Mon Sep 17 00:00:00 2001 From: julianladisch Date: Sun, 3 Nov 2024 19:12:27 +0100 Subject: [PATCH] MODAT-168: Rename auth permissions (#104) Permission rename: auth.signtoken -> auth.token.post or auth.token.sign.post auth.signrefreshtoken -> auth.refreshtoken.post or auth.token.refresh.post New permissions to bundle the single endpoint permissions: auth.signtoken.all auth.signrefreshtoken.all auth.sign-and-refresh-token.all To be merged together with https://github.com/folio-org/mod-authtoken/pull/167 --- descriptors/ModuleDescriptor-template.json | 77 +++++++++++++++++----- 1 file changed, 61 insertions(+), 16 deletions(-) diff --git a/descriptors/ModuleDescriptor-template.json b/descriptors/ModuleDescriptor-template.json index 56fd3eb..e26bbe4 100644 --- a/descriptors/ModuleDescriptor-template.json +++ b/descriptors/ModuleDescriptor-template.json @@ -144,33 +144,33 @@ }, { "id": "authtoken", - "version": "2.0", + "version": "2.1", "handlers": [ { "methods": [ "POST" ], "pathPattern": "/token", - "permissionsRequired": [ "auth.signtoken" ] + "permissionsRequired": [ "auth.token.post" ] }, { "methods": [ "POST" ], "pathPattern": "/refreshtoken", - "permissionsRequired": [ "auth.signrefreshtoken" ] + "permissionsRequired": [ "auth.refreshtoken.post" ] } ] }, { "id": "authtoken2", - "version": "1.0", + "version": "1.1", "handlers": [ { "methods": [ "POST" ], "pathPattern": "/token/sign", - "permissionsRequired": [ "auth.signtoken" ] + "permissionsRequired": [ "auth.token.sign.post" ] }, { "methods": [ "POST" ], "pathPattern": "/token/refresh", - "permissionsRequired": [ "auth.signrefreshtoken" ] + "permissionsRequired": [ "auth.token.refresh.post" ] }, { "methods": [ "POST" ], @@ -257,16 +257,6 @@ "displayName" : "Credentials existence get", "description" : "Get credentials existence" }, - { - "permissionName": "auth.signtoken", - "displayName": "auth-token - sign token", - "description": "sign token" - }, - { - "permissionName": "auth.signrefreshtoken", - "displayName": "auth-token - sign refresh token", - "description": "sign refresh token" - }, { "permissionName" : "login.all", "displayName" : "login credentials", @@ -285,6 +275,61 @@ "login.event.delete", "login.credentials-existence.get" ] + }, + { + "permissionName": "auth.token.post", + "displayName": "auth-token - sign token - legacy, deprecated", + "description": "sign token, legacy, deprecated" + }, + { + "permissionName": "auth.refreshtoken.post", + "displayName": "auth-token - sign refresh token - legacy, deprecated", + "description": "sign refresh token, legacy, deprecated" + }, + { + "permissionName": "auth.token.sign.post", + "displayName": "auth-token - sign expiring token", + "description": "sign expiring token" + }, + { + "permissionName": "auth.token.refresh.post", + "displayName": "auth-token - use refresh token to sign a new expiring token", + "description": "sign expiring token using refresh token" + }, + { + "permissionName": "auth.signtoken.all", + "displayName": "auth-token - sign token", + "description": "sign token", + "subPermissions" : [ + "auth.token.post", + "auth.token.sign.post" + ], + "replaces": [ + "auth.signtoken" + ] + }, + { + "permissionName": "auth.signrefreshtoken.all", + "displayName": "auth-token - sign refresh token", + "description": "sign refresh token", + "subPermissions" : [ + "auth.refreshtoken.post", + "auth.token.refresh.post" + ], + "replaces": [ + "auth.signrefreshtoken" + ] + }, + { + "permissionName": "auth.sign-and-refresh-token.all", + "displayName": "auth-token - sign and refresh token", + "description": "sign and refresh token", + "subPermissions" : [ + "auth.token.post", + "auth.token.sign.post", + "auth.refreshtoken.post", + "auth.token.refresh.post" + ] } ], "launchDescriptor": {