Skip to content

Commit e9d9dd1

Browse files
goljagolja
committed
Make the token-exchange scope configurable in config.json .
1 parent 70b2aac commit e9d9dd1

File tree

2 files changed

+6
-2
lines changed

2 files changed

+6
-2
lines changed

config/config.json

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -19,5 +19,8 @@
1919
"mcp:call-tools"
2020
],
2121
"MCP_SERVER_CLIENT_ID": "",
22-
"MCP_SERVER_CLIENT_SECRET": ""
22+
"MCP_SERVER_CLIENT_SECRET": "",
23+
"TOKEN_EXCHANGE_SCOPE": [
24+
"ofbiz:use-api"
25+
]
2326
}

src/server-remote.ts

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -42,6 +42,7 @@ const AUTHZ_SERVER_BASE_URL = configData.AUTHZ_SERVER_BASE_URL;
4242
const SCOPES_SUPPORTED = configData.SCOPES_SUPPORTED;
4343
const MCP_SERVER_CLIENT_ID = configData.MCP_SERVER_CLIENT_ID;
4444
const MCP_SERVER_CLIENT_SECRET = configData.MCP_SERVER_CLIENT_SECRET;
45+
const TOKEN_EXCHANGE_SCOPE = configData.TOKEN_EXCHANGE_SCOPE || [];
4546
// Server configuration
4647
const SERVER_PORT = configData.SERVER_PORT;
4748
const RATE_LIMIT_WINDOW_MS = configData.RATE_LIMIT_WINDOW_MS || 60000; // default 1 minute
@@ -229,7 +230,7 @@ async function performTokenExchange(subjectToken: string): Promise<string | null
229230
subject_token: subjectToken,
230231
subject_token_type: "urn:ietf:params:oauth:token-type:access_token",
231232
requested_token_type: "urn:ietf:params:oauth:token-type:access_token",
232-
scope: "ofbiz:use-api",
233+
scope: TOKEN_EXCHANGE_SCOPE.join(' '),
233234
resource: BACKEND_API_RESOURCE,
234235
audience: BACKEND_API_AUDIENCE
235236
});

0 commit comments

Comments
 (0)