From 9fbb62272fda7116f53db1fd13e4b5fa76d2e1a6 Mon Sep 17 00:00:00 2001
From: Rucha Deshpande <deshruch@amazon.com>
Date: Fri, 13 Nov 2020 10:58:03 -0600
Subject: [PATCH] Bug fix: add custom scope as env. var

---
 .../aws/impl/ServiceAccountJwtAwsClientImpl.java         | 9 ++++++---
 .../src/main/resources/application.properties            | 1 +
 2 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/provider/notification-aws/src/main/java/org/opengroup/osdu/notification/provider/aws/impl/ServiceAccountJwtAwsClientImpl.java b/provider/notification-aws/src/main/java/org/opengroup/osdu/notification/provider/aws/impl/ServiceAccountJwtAwsClientImpl.java
index 21e1efe20..dfc735be7 100644
--- a/provider/notification-aws/src/main/java/org/opengroup/osdu/notification/provider/aws/impl/ServiceAccountJwtAwsClientImpl.java
+++ b/provider/notification-aws/src/main/java/org/opengroup/osdu/notification/provider/aws/impl/ServiceAccountJwtAwsClientImpl.java
@@ -73,6 +73,9 @@ public class ServiceAccountJwtAwsClientImpl implements IServiceAccountJwtClient
     @Getter()
     public String tokenUrl;
 
+    @Value("${aws.oauth.custom.scope}")
+    private String awsOauthCustomScope;
+
     @Autowired
     private JaxRsDpsLog log;
 
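Review bot: `awsOauthCustomScope` is injected and later used in the token request without any check that it is non-blank. The matching `application.properties` hunk maps it to `${OAUTH_CUSTOM_SCOPE}` with no default, so an unset variable should stop placeholder resolution at startup, but a variable set to an empty string would pass through and produce `scope=` in the request. Some authorization servers answer an empty scope with every scope the client is allowed, which is wider than the single scope this commit replaces. I would fail fast in the existing initialization code, for example `if (awsOauthCustomScope == null || awsOauthCustomScope.trim().isEmpty()) throw new IllegalStateException("aws.oauth.custom.scope must be set");`, and add a one-line comment above the new property naming the expected `<resource-server>/<scope>` form.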
@@ -106,7 +109,6 @@ public class ServiceAccountJwtAwsClientImpl implements IServiceAccountJwtClient
            client_credentials_clientid = paramsResult.getValue();
             client_credentials_secret = getSecret(client_secret_secretName,amazonRegion,client_secret_key);
 
-
         }
     }
 
@@ -128,14 +130,15 @@ public class ServiceAccountJwtAwsClientImpl implements IServiceAccountJwtClient
         headers.put("Authorization","Basic "+authorizationHeaderContents);
         headers.put("Content-Type", "application/x-www-form-urlencoded");
         IHttpClient httpClient = new HttpClient();
-        String url = tokenUrl+"?grant_type=client_credentials&client_id="+client_credentials_clientid+"&scope=osduOnAws/fromNotificaton";
+        String url = tokenUrl+"?grant_type=client_credentials&client_id="+client_credentials_clientid+"&scope="+awsOauthCustomScope;
         HttpRequest rq = HttpRequest.post().url(url).headers(headers).build();
 
 
         HttpResponse result = httpClient.send(rq);
         try {
             AccessToken accessToken = this.getResult(result, AccessToken.class);
-             token = accessToken.getAccess_token();
+
+            token = accessToken.getAccess_token();
         }catch(Exception e)
         {
             System.out.println("Could not parse AccessToken result to get access_token");
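Review bot: The new `url` line concatenates `awsOauthCustomScope` into the query string unencoded. The old literal was a fixed safe value, but the scope now comes from deployment configuration, so a space-separated scope list or a stray `&` or `#` would either break the request or add parameters to it. Encoding the value keeps it a single parameter: `"&scope=" + URLEncoder.encode(awsOauthCustomScope, StandardCharsets.UTF_8.name())`, with the checked `UnsupportedEncodingException` handled and the two imports added if the file does not already have them. The same treatment would suit `client_credentials_clientid` on that line. The enclosing method starts and ends outside this hunk.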
diff --git a/provider/notification-aws/src/main/resources/application.properties b/provider/notification-aws/src/main/resources/application.properties
index 85634d7e6..cfccbdec8 100644
--- a/provider/notification-aws/src/main/resources/application.properties
+++ b/provider/notification-aws/src/main/resources/application.properties
@@ -29,6 +29,7 @@ aws.dynamodb.table.prefix=${RESOURCE_PREFIX}-
 aws.dynamodb.endpoint=dynamodb.${AWS_REGION}.amazonaws.com
 
 aws.tokenUrl=${OAUTH_TOKEN_URL}
+aws.oauth.custom.scope=${OAUTH_CUSTOM_SCOPE}
 app.expireTime=300
 app.maxCacheSize=10
 
-- 
GitLab