Home > OS >  How can I set the scope to a http request in my app?
How can I set the scope to a http request in my app?

Time:03-09

I would like to know how to set the scope to a http request in my Ionic App. We are using Hapi Framework for the Backend built with Node.JS. I'm working with a team so I don’t have enough knowledge on the server side since I'm working on the Ionic App.

Also, I'm setting a Bearer Token to the request header which is working fine. Below is my code.

Ionic App Http Request:

let params = { eventId: this.event_id, bearerToken: '' };  

let headers = new HttpHeaders();

headers.set('Content-Type', 'application/json');
headers.set('Authorization', `Bearer ${params.bearerToken}`);
headers.set('Scope', 'client');
console.log("Authorization bearer token: "   params.bearerToken);
//headers.append('scope', ['client']);
let options = { headers: headers, scope: 'client' };
return this.http
  .get(this.baseUrl   `getEventShops?eventId=${params.eventId}`, options)
  .pipe(map((response: any) => response)
    , catchError(this.handleError));

Node.JS Route Fragment:

exports.getEventShops = {
method: 'get',
path: '/event/getEventShops',
async handler(request) {
    const user = request.auth.credentials.userSession;
    let data = await shopController.getEventShops(request.query, user);
    return data;
},
config: {
    auth: {
        strategy: 'JwtAuth',
        scope: ['client']
    },
  ......

This is the error code I'm getting:

{
   "statusCode": 403,
   "error": "Forbidden",
   "message": "Insufficient scope"
}

I know the error is because I'm setting the scope the wrong way.

CodePudding user response:

This is something that has to be set in the Bearer token, on the server side, not on the mobile one.

  • Related