Merged in SW-3476-use-separate-curity-client-for-service-tokens-for-partner-sas (pull request #2809)

feat(SW-3476): add support for using different curity clients when creating service tokens * fix(SW-3476): add support for using different curity clients when creating service tokens * remove log statement Approved-by: Hrishikesh Vaipurkar
2025-09-18 07:04:45 +00:00
parent 8661e5c348
commit 9620bfe76d
5 changed files with 12 additions and 2 deletions
--- a/apps/partner-sas/.env
+++ b/apps/partner-sas/.env
@@ -0,0 +1 @@
+CURITY_CLIENT_SERVICE_SCOPES="profile_read, hotel, booking, package, availability"
--- a/apps/partner-sas/.gitignore
+++ b/apps/partner-sas/.gitignore
@@ -31,7 +31,7 @@ yarn-error.log*
 .pnpm-debug.log*

 # env files (can opt-in for committing if needed)
-.env*
+.env.*

 # vercel
 .vercel
--- a/apps/scandic-web/.env
+++ b/apps/scandic-web/.env
@@ -1,6 +1,7 @@
 NEXTAUTH_DEBUG="false"
 DEBUG_QUERIES="false"
 SEAMLESS_ENVIRONMENT_SUBDOMAIN="www"
+CURITY_CLIENT_SERVICE_SCOPES="profile, hotel, booking, package, availability"

 SEAMLESS_LOGIN="https://${SEAMLESS_ENVIRONMENT_SUBDOMAIN}.scandichotels.{topleveldomain}/updatelogin"
 SEAMLESS_LOGOUT="https://${SEAMLESS_ENVIRONMENT_SUBDOMAIN}.scandichotels.{topleveldomain}/updatelogout?newweb=1"
--- a/packages/common/env/server.ts
+++ b/packages/common/env/server.ts
@@ -20,6 +20,13 @@ export const env = createEnv({
    CURITY_ISSUER_USER: z.string(),
    CURITY_CLIENT_ID_SERVICE: z.string().default("scandichotels-web-backend"),
    CURITY_CLIENT_SECRET_SERVICE: z.string(),
+    CURITY_CLIENT_SERVICE_SCOPES: z.string().transform((val) =>
+      val
+        .split(",")
+        .map((s) => s.trim())
+        .filter(Boolean)
+        .toSorted()
+    ),
  },
  emptyStringAsUndefined: true,
  runtimeEnv: {
@@ -31,5 +38,6 @@ export const env = createEnv({
    CURITY_CLIENT_SECRET_SERVICE: process.env.CURITY_CLIENT_SECRET_SERVICE,
    CURITY_ISSUER_USER: process.env.CURITY_ISSUER_USER,
    CURITY_CLIENT_ID_SERVICE: process.env.CURITY_CLIENT_ID_SERVICE,
+    CURITY_CLIENT_SERVICE_SCOPES: process.env.CURITY_CLIENT_SERVICE_SCOPES,
  },
 })
--- a/packages/common/tokenManager/tokenManager.ts
+++ b/packages/common/tokenManager/tokenManager.ts
@@ -15,7 +15,7 @@ export async function getServiceToken() {
  const tracer = trace.getTracer("getServiceToken")

  return await tracer.startActiveSpan("getServiceToken", async () => {
-    const scopes = ["profile", "hotel", "booking", "package", "availability"]
+    const scopes = env.CURITY_CLIENT_SERVICE_SCOPES

    const cacheKey = getServiceTokenCacheKey(scopes)
    const cacheClient = await getCacheClient()
				`@@ -0,0 +1 @@`
				`CURITY_CLIENT_SERVICE_SCOPES="profile_read, hotel, booking, package, availability"`