Skip to content

Commit 642a796

Browse files
JorTurFerJorTurFer
committed
.
Signed-off-by: Jorge Turrado <jorge.turrado@mail.schwarz>
1 parent f15261b commit 642a796

File tree

2 files changed

+6
-5
lines changed

2 files changed

+6
-5
lines changed

docs/stackit_auth_login.md

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -24,9 +24,9 @@ stackit auth login [flags]
2424
### Options
2525

2626
```
27-
-h, --help Help for "stackit auth login"
28-
--port int The port on which the callback server will listen to. By default, it tries to bind a port between 8000 and 8020.
29-
When a value is specified, it will only try to use the specified port. Valid values are within the range of 8000 to 8020.
27+
-h, --help Help for "stackit auth login"
28+
--port int The port on which the callback server will listen to. By default, it tries to bind a port between 8000 and 8020.
29+
When a value is specified, it will only try to use the specified port. Valid values are within the range of 8000 to 8020.
3030
--use-device-flow Use OAuth 2.0 device authorization grant (device flow) instead of the browser callback flow.
3131
```
3232

internal/pkg/auth/user_login.go

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -26,6 +26,7 @@ import (
2626
const (
2727
defaultWellKnownConfig = "https://accounts.stackit.cloud/.well-known/openid-configuration"
2828
defaultCLIClientID = "stackit-cli-0000-0000-000000000001"
29+
scope = "openid groups offline_access email"
2930

3031
loginSuccessPath = "/login-successful"
3132

@@ -129,7 +130,7 @@ func authorizeUserWithPKCE(p *print.Printer, idpWellKnownConfig *wellKnownConfig
129130
Endpoint: oauth2.Endpoint{
130131
AuthURL: idpWellKnownConfig.AuthorizationEndpoint,
131132
},
132-
Scopes: []string{"openid offline_access email"},
133+
Scopes: []string{scope},
133134
RedirectURL: redirectURL,
134135
}
135136

@@ -360,7 +361,7 @@ type deviceAuthorizationResponse struct {
360361
func getDeviceAuthorizationData(deviceAuthorizationEndpoint, clientID string) (*deviceAuthorizationResponse, error) {
361362
form := url.Values{}
362363
form.Set("client_id", clientID)
363-
form.Set("scope", "openid offline_access email")
364+
form.Set("scope", scope)
364365

365366
req, err := http.NewRequest("POST", deviceAuthorizationEndpoint, strings.NewReader(form.Encode()))
366367
if err != nil {

0 commit comments

Comments
 (0)