Add new guard clause to the oauth2 client credentials flow.

[noissue]
pulp · Aug 28, 2024 · 5a4b9fe · 5a4b9fe
1 parent 3935d25
commit 5a4b9fe
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 1 deletion.
diff --git a/CHANGES/+guard_clause_scope.misc b/CHANGES/+guard_clause_scope.misc
@@ -0,0 +1 @@
+Add a guard clause to the OAuth2 Client Credentials grant flow to avoid sending empty scopes to token issuer.
diff --git a/pulp-glue/pulp_glue/common/authentication.py b/pulp-glue/pulp_glue/common/authentication.py
@@ -78,10 +78,12 @@ def retrieve_token(self) -> None:
         data = {
             "client_id": self.client_id,
             "client_secret": self.client_secret,
-            "scope": " ".join(self.scopes),
             "grant_type": "client_credentials",
         }
 
+        if scope := " ".join(self.scopes):
+            data["scope"] = scope
+
         response: requests.Response = requests.post(self.token_url, data=data)
 
         response.raise_for_status()
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		Add a guard clause to the OAuth2 Client Credentials grant flow to avoid sending empty scopes to token issuer.