Skip to content

Commit 47c2384

Browse files
Allow launch/patient scope for client credential requests (#1551)
* Allow launch/patient scope for client credentials calls * Cleanup
1 parent e83f4bf commit 47c2384

1 file changed

Lines changed: 2 additions & 3 deletions

File tree

apps/dot_ext/views/authorization.py

Lines changed: 2 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -64,7 +64,6 @@
6464
CLIENT_CREDENTIALS,
6565
CLIENT_CREDENTIALS_ACCEPTED_JWT_ALGORITHMS,
6666
HHS_SERVER_LOGNAME_FMT,
67-
LAUNCH_SCOPE,
6867
OPENID_SCOPE,
6968
USER_TYPE_ALIGNED_NETWORKS_BENEFICIARY,
7069
)
@@ -1009,10 +1008,10 @@ def post(self, request: HttpRequest, *args, **kwargs) -> HttpResponse:
10091008
if allow_client_credentials_call:
10101009
# since we're not getting the user info from SLS, don't return openid scope in this flow
10111010
scopes = request.POST.get('scope', '').split()
1012-
if OPENID_SCOPE in scopes or LAUNCH_SCOPE in scopes:
1011+
if OPENID_SCOPE in scopes:
10131012
request.POST._mutable = True
10141013
request.POST['scope'] = ' '.join(
1015-
s for s in scopes if s != OPENID_SCOPE and s != LAUNCH_SCOPE
1014+
s for s in scopes if s != OPENID_SCOPE
10161015
)
10171016
request.POST._mutable = False
10181017

0 commit comments

Comments
 (0)