Skip to content

Replace Verida Connect by Verida Auth#24

Merged
aurelticot merged 18 commits intodevelopfrom
feature/23-replace-verida-connect-by-verida-auth
May 7, 2025
Merged

Replace Verida Connect by Verida Auth#24
aurelticot merged 18 commits intodevelopfrom
feature/23-replace-verida-connect-by-verida-auth

Conversation

@aurelticot
Copy link
Member

@aurelticot aurelticot commented Apr 24, 2025

What's changed?

How to test these changes?

Anything to be aware of?

@aurelticot aurelticot self-assigned this Apr 24, 2025
@aurelticot aurelticot linked an issue Apr 24, 2025 that may be closed by this pull request
Replace Verida Connect by Verida Auth #23
Closed
@tahpot
Copy link
Member

tahpot commented Apr 30, 2025

Comments from @aurelticot

I haven't tested everything yet. Except the Browse Data page that has an issue, likely already present earlier (related to a react controlled input). I'll have a look tomorrow (tuesday).

So far, I put arbitrary scopes for the Auth token, I'm still unsure what's needed.
For the DCS API /app/... that are consumed by the Developer Console, the routes are not configured with a scope (see on GitHub) but /app/account fails with a 403 Forbidden Invalid token (insufficient scope). This issue is purely related to the options passed to the auth middleware, not the token received in the request (see GitHub). Did it worked previously?

@tahpot
Copy link
Member

tahpot commented Apr 30, 2025

For the DCS API /app/... that are consumed by the Developer Console, the routes are not configured with a scope

This is because this app was using the wallet to sign in, which doesn't use scopes. The dev console was providing the raw session token object.

/app/account fails with a 403 Forbidden Invalid token (insufficient scope)

Yep, that's because there's no scope defined and scopes are required when using an API key instead of a session token for authentication.

I think adding a app-developer scope to all these app endpoints would make sense:

const appAuth = auth({
    scopes: ['app-developer'],
    options: {
        // App DID's don't need to be whitelisted
        ignoreAccessCheck: true,
    }
})

The developer console can then request that scope as part of signing in.

@aurelticot
Copy link
Member Author

aurelticot commented Apr 30, 2025

Yep, that's because there's no scope defined and scopes are required when using an API key instead of a session token for authentication.

I think adding a app-developer scope to all these app endpoints would make sense:

const appAuth = auth({
    scopes: ['app-developer'],
    options: {
        // App DID's don't need to be whitelisted
        ignoreAccessCheck: true,
    }
})

The developer console can then request that scope as part of signing in.

Okay, makes sense

@aurelticot aurelticot mentioned this pull request Apr 30, 2025
Merged
@aurelticot aurelticot marked this pull request as ready for review May 6, 2025 20:13
@aurelticot aurelticot requested a review from tahpot May 6, 2025 20:13
@tahpot
Copy link
Member

tahpot commented May 7, 2025

Screenshot 2025-05-07 at 2 13 08 PM

The connect button doesn't appear correctly.

Other than that, this is great. I tested end to end using two different mainnet accounts. This can be released.

@aurelticot aurelticot merged commit 95d1068 into develop May 7, 2025
1 check failed
@aurelticot aurelticot deleted the feature/23-replace-verida-connect-by-verida-auth branch May 7, 2025 06:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tahpot tahpot Awaiting requested review from tahpot

Assignees

@aurelticot aurelticot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Replace Verida Connect by Verida Auth

2 participants

@aurelticot @tahpot