0
Fork 0
mirror of https://github.com/logto-io/logto.git synced 2024-12-16 20:26:19 -05:00
logto/.changeset/seven-socks-perform.md
simeng-li 9518658595
fix(schemas): fix the get interation/consent api bug (#5503)
* fix(schemas): fix the get interation/consent api bug

fix the get interation/consent api bug

* chore: update changeset

update changeset

* fix: update changeset

update changeset

* refactor(schemas, console): alter the resource scopes description field to nullable (#5504)

* refactor(schemas, console): alter the resoruce scopes description field nullable

make the resourec scopes description nullable

* fix(test): fix the type issue in the integration test

fix the type issue in the integration test

* fix(console): add the field register

add the field register

* fix: update the changeset

update the changeset

* fix(console,test): update comments and rebase

update comments and rebase the master
2024-03-20 14:31:35 +08:00

1.2 KiB

@logto/schemas
patch

Reproduction steps

  • Create an organization scope with an empty description and assign this scope to a third-party application.

  • Login to the third-party application and request the organization scope.

  • Proceed through the interaction flow until reaching the consent page.

  • An internal server error 500 is returned.

Root cause

For the /interaction/consent endpoint, the organization scope is returned alongside other resource scopes in the missingResourceScopes property.

In the consentInfoResponseGuard, we utilize the resource Scopes zod guard to validate the missingResourceScopes property. However, the description field in the resource scope is mandatory while organization scopes'description is optional. An organization scope with an empty description will not pass the validation.

Solution

Alter the resource scopes table to make the description field nullable. Related Scope zod guard and the consentInfoResponseGuard will be updated to reflect this change. Align the resource scopes table with the organization scopes table to ensure consistency.