From 53d88663fa3d39dccfdde19f63878accee6c7924 Mon Sep 17 00:00:00 2001 From: alexcaussades Date: Mon, 23 Oct 2023 20:13:28 +0200 Subject: [PATCH] SCOPE SSO (#118) Fixes #117 --- app/Http/Controllers/AuthIVAOController.php | 2 +- app/Http/Controllers/whazzupController.php | 2 +- database/changelog.json | 17 ++++++++++++++++- 3 files changed, 18 insertions(+), 3 deletions(-) diff --git a/app/Http/Controllers/AuthIVAOController.php b/app/Http/Controllers/AuthIVAOController.php index 1141cd4..9d36420 100644 --- a/app/Http/Controllers/AuthIVAOController.php +++ b/app/Http/Controllers/AuthIVAOController.php @@ -34,7 +34,7 @@ public function sso(Request $request, $url = "home") $base_url = $openid_data["authorization_endpoint"]; $reponse_type = "code"; - $scopes = "profile configuration email bookings:write friends friends:read friends:write flight_plans:read flight_plans:write tracker"; + $scopes = "profile friends:read friends:write flight_plans:read flight_plans:write"; $state = rand(100000, 999999); // Random string to prevent CSRF attacks $query = [ diff --git a/app/Http/Controllers/whazzupController.php b/app/Http/Controllers/whazzupController.php index b659943..6ea91b6 100644 --- a/app/Http/Controllers/whazzupController.php +++ b/app/Http/Controllers/whazzupController.php @@ -171,7 +171,7 @@ public function get_session() 'grant_type' => 'client_credentials', 'client_id' => $idclient, 'client_secret' => $secret, - 'scope' => "friends friends:read friends:write traker" + 'scope' => "friends:read friends:write tracker" ); // use key 'http' even if you send the request to https://... diff --git a/database/changelog.json b/database/changelog.json index 0082509..0521c49 100644 --- a/database/changelog.json +++ b/database/changelog.json @@ -162,6 +162,21 @@ } ] - } + }, + "6": + { + "id": 7, + "name": "2023 / 32", + "date": "2023-10-23", + "version": "26.2.3", + "option":[ + { + "id": 0, + "type": "Change", + "btn": "warning", + "description": "Modification API IVAO" + } + ] + } }