Skip to content

Commit

Permalink
fix(api): validate oauth provider scopes (#974)
Browse files Browse the repository at this point in the history
  • Loading branch information
talboren authored Mar 18, 2024
1 parent 5f5bb6f commit 0ba3898
Showing 1 changed file with 3 additions and 0 deletions.
3 changes: 3 additions & 0 deletions keep/api/routes/providers.py
Original file line number Diff line number Diff line change
Expand Up @@ -628,6 +628,8 @@ async def install_provider_oauth2(
context_manager, provider_unique_id, provider_type, provider_config
)

validated_scopes = validate_scopes(provider)

secret_manager = SecretManagerFactory.get_secret_manager(context_manager)
secret_name = f"{tenant_id}_{provider_type}_{provider_unique_id}"
secret_manager.write_secret(
Expand All @@ -643,6 +645,7 @@ async def install_provider_oauth2(
installed_by=installed_by,
installation_time=time.time(),
configuration_key=secret_name,
validatedScopes=validated_scopes,
)
session.add(provider)
session.commit()
Expand Down

0 comments on commit 0ba3898

Please sign in to comment.