Table of Contents |
---|
...
- GraphQL schema
- Features
Validation
Validate token
- Verify the validity of access token
- Return 401 in case validation fails
- token is not expired
- in case error return 401
- Validate client_id is NHS
- check client type is NHS
- in case of error rerun forbidden error (Client is not allowed to the action')
- check client type is NHS
Validate scopes
- Check user scopes in order to perform this action (scope = 'merge_request:read')
- Return forbidden in case invalid scope(s) -"Your scope does not allow to access this resource. Missing allowances: merge_request:read"
Verify user and role
Extract from token:
- Validate client_id (is_blocked=false)
- in case of error return 403 Error ('Client is blocked')
- Check user_roles by client_id
- check whether exist role NHS_REVIEWER
- in case of error return 403 Error ('User doesn't have required role')
- check whether exist role NHS_REVIEWER
- Validate client_id is NHS
- check client type is NHS
- in case of error rerun forbidden error (Client is not allowed to the action')
- check client type is NHS
Validate context
Return response to user limited by context from user's token
...