removed the call of security helper in ACGAuthorizationMethod

annahileta · annahileta · commit f1385c4f9335 · 2024-11-06T13:52:03.000+01:00
diff --git a/src/main/java/com/docusign/core/controller/IndexController.java b/src/main/java/com/docusign/core/controller/IndexController.java
@@ -159,7 +159,8 @@ public RedirectView pkce(String code, String state, HttpServletRequest req, Http
         String redirectURL = getRedirectURLForJWTAuthentication(req, resp);
         RedirectView redirect;
         try {
-            redirect = new ACGAuthenticationMethod().exchangeCodeForToken(code, config, session, redirectURL);
+            redirect = new ACGAuthenticationMethod().exchangeCodeForToken(code, config, session, redirectURL,
+                    ApiType.getScopeList());
         } catch (Exception e) {
             redirect = getRedirectView(AuthType.AGC);
             this.session.setIsPKCEWorking(false);
diff --git a/src/main/java/com/docusign/core/security/acg/ACGAuthenticationMethod.java b/src/main/java/com/docusign/core/security/acg/ACGAuthenticationMethod.java
@@ -44,7 +44,8 @@ public RedirectView exchangeCodeForToken(
             String oAuthToken,
             DSConfiguration configuration,
             Session session,
-            String redirect) throws Exception {
+            String redirect,
+            List<String> scopes) throws Exception {
         String requestBody = buildRequestBody(oAuthToken);
         String authHeader = generateAuthHeader(configuration);
 
@@ -59,7 +60,7 @@ public RedirectView exchangeCodeForToken(
         HttpResponse<String> response = client.send(request, HttpResponse.BodyHandlers.ofString());
 
         if (response.statusCode() == 200) {
-            processTokenResponse(response.body(), configuration, session);
+            processTokenResponse(response.body(), configuration, session, scopes);
         } else {
             throw new IOException("Failed to exchange code for token. Status code: " + response.statusCode());
         }
@@ -79,7 +80,8 @@ private String generateAuthHeader(DSConfiguration configuration) {
                 (configuration.getUserId() + ":" + configuration.getSecretUserId()).getBytes(StandardCharsets.UTF_8));
     }
 
-    private void processTokenResponse(String responseBody, DSConfiguration configuration, Session session)
+    private void processTokenResponse(String responseBody, DSConfiguration configuration, Session session,
+            List<String> scopes)
             throws Exception {
         ApiClient apiClient = new ApiClient(configuration.getBasePath());
         String accessToken = SecurityHelpers.parseJsonField(responseBody, "access_token");
@@ -88,7 +90,7 @@ private void processTokenResponse(String responseBody, DSConfiguration configura
         OAuth.UserInfo userInfo = apiClient.getUserInfo(accessToken);
         String accountId = userInfo.getAccounts().size() > 0 ? userInfo.getAccounts().get(0).getAccountId() : "";
 
-        SecurityHelpers.setSpringSecurityAuthentication(SecurityHelpers.getScopeList(), accessToken, userInfo,
+        SecurityHelpers.setSpringSecurityAuthentication(scopes, accessToken, userInfo,
                 accountId, session,
                 expiresIn);
     }
