Skip to content

ScimOauthAccessToken.find_by_token finds instance-level tokens only

Jessie Young requested to merge jy-find-by-token-tweak into master

What does this MR do and why?

  • This method is being used to authenticate requests to instance-level SCIM endpoints, such as those added in this MR: !107770 (merged)
  • We want to ensure that a group SCIM token cannot be used to authenticate requests made to instance-level SCIM endpoints.
  • This changes here ensure that no match is returned if the token has a group_id
  • UI to generate scim tokens will be added via this issue: #376138 (closed)
  • No changelog here as the method we are changing is unused currently
  • Also backfilled specs for related method since that was missing unit tests

Screenshots or screen recordings

Screenshots are required for UI changes, and strongly recommended for all other merge requests.

How to set up and validate locally

Numbered steps to set up and validate the change are strongly suggested.

Edited by Jessie Young

Merge request reports

Loading