Request hydra.keys scope and fix panic

arekkas · arekkas · commit 546b2cff5e7c · 2017-11-19T17:14:13.000+01:00
diff --git a/cmd/serve_all.go b/cmd/serve_all.go
@@ -23,7 +23,7 @@ var allCmd = &cobra.Command{
 				ClientID:     viper.GetString("HYDRA_CLIENT_ID"),
 				ClientSecret: viper.GetString("HYDRA_CLIENT_SECRET"),
 				EndpointURL:  viper.GetString("HYDRA_URL"),
-				Scopes:       []string{"hydra.warden"},
+				Scopes:       []string{"hydra.warden", "hydra.keys.*"},
 			},
 			rules: rules, backendURL: viper.GetString("BACKEND_URL"),
 			cors:         parseCorsOptions(""),
@@ -36,7 +36,7 @@ var allCmd = &cobra.Command{
 				ClientID:     viper.GetString("HYDRA_CLIENT_ID"),
 				ClientSecret: viper.GetString("HYDRA_CLIENT_SECRET"),
 				EndpointURL:  viper.GetString("HYDRA_URL"),
-				Scopes:       []string{"hydra.warden"},
+				Scopes:       []string{"hydra.warden", "hydra.keys.*"},
 			},
 			rules:   rules,
 			address: fmt.Sprintf("%s:%s", viper.GetString("MANAGEMENT_HOST"), viper.GetString("MANAGEMENT_PORT")),
diff --git a/cmd/serve_management.go b/cmd/serve_management.go
@@ -94,7 +94,7 @@ HTTP CONTROLS
 				ClientID:     viper.GetString("HYDRA_CLIENT_ID"),
 				ClientSecret: viper.GetString("HYDRA_CLIENT_SECRET"),
 				EndpointURL:  viper.GetString("HYDRA_URL"),
-				Scopes:       []string{"hydra.warden"},
+				Scopes:       []string{"hydra.warden", "hydra.keys.*"},
 			},
 			rules:   rules,
 			address: fmt.Sprintf("%s:%s", viper.GetString("MANAGEMENT_HOST"), viper.GetString("MANAGEMENT_PORT")),
diff --git a/cmd/serve_proxy.go b/cmd/serve_proxy.go
@@ -101,7 +101,7 @@ OTHER CONTROLS
 				ClientID:     viper.GetString("HYDRA_CLIENT_ID"),
 				ClientSecret: viper.GetString("HYDRA_CLIENT_SECRET"),
 				EndpointURL:  viper.GetString("HYDRA_URL"),
-				Scopes:       []string{"hydra.warden"},
+				Scopes:       []string{"hydra.warden", "hydra.keys.*"},
 			},
 			rules: rules, backendURL: viper.GetString("BACKEND_URL"),
 			cors:         parseCorsOptions(""),
diff --git a/director/director.go b/director/director.go
@@ -110,6 +110,7 @@ func (d *Director) Director(r *http.Request) {
 			WithFields(map[string]interface{}{"user": access.User, "client_id": access.ClientID, "request_url": r.URL.String()}).
 			Errorf("Unable to fetch private key for signing JSON Web Token")
 		*r = *r.WithContext(context.WithValue(r.Context(), requestDenied, &directorError{err: errors.WithStack(err), statusCode: http.StatusInternalServerError}))
+		return
 	}
 
 	token, err := jwt.NewWithClaims(jwt.SigningMethodRS256, access.ToClaims()).SignedString(privateKey)

Original file line number	Diff line number	Diff line change
`@@ -110,6 +110,7 @@ func (d Director) Director(r http.Request) {`
`110`	`110`	`WithFields(map[string]interface{}{"user": access.User, "client_id": access.ClientID, "request_url": r.URL.String()}).`
`111`	`111`	`Errorf("Unable to fetch private key for signing JSON Web Token")`
`112`	`112`	`r = r.WithContext(context.WithValue(r.Context(), requestDenied, &directorError{err: errors.WithStack(err), statusCode: http.StatusInternalServerError}))`
	`113`	`+ return`
`113`	`114`	`}`
`114`	`115`
`115`	`116`	`token, err := jwt.NewWithClaims(jwt.SigningMethodRS256, access.ToClaims()).SignedString(privateKey)`