Hi,
we are struggling with the setup of a job-scheduler for a pyython flask app on cloud foundry in the BTP.
The job must call the app via the approuter.
Following tutorials, we created a check_authorization method with:
access_token = request.headers.get('authorization')[7:]
security_context = xssec.create_security_context(access_token, uaa_service.credentials)
isAuthorized = security_context.check_scope('openid')
We granted
"grant-as-authority-to-apps": ["$XSSERVICENAME(job-scheduler)"] to a scope in xs-security.json and the scope is evaluated to True by security_context.check_local_scope("admin") in both cases (from job and from user)
When called via the job-scheduler, the security_context.check_scope('openid') however gives false, when called with a user it is True.
What might still be missing here ? Or do we need to check against another scope than 'openid' in the check_scope ?
Any help appreciated.
Regards
Marcus
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.