Merge branch 'main' into fix/configurable-token-url

developerzohaib786 · web-flow · commit 0d8fefecbadb · 2026-01-22T11:16:33.000+05:00
diff --git a/console/.env b/console/.env
@@ -1,3 +1,4 @@
 VITE_POLARIS_API_URL=http://localhost:8181
 VITE_POLARIS_REALM=POLARIS  # optional
+VITE_POLARIS_PRINCIPAL_SCOPE=PRINCIPAL_ROLE:ALL  # optional
 VITE_OAUTH_TOKEN_URL=http://localhost:8181/api/catalog/v1/oauth/tokens
diff --git a/console/.env.example b/console/.env.example
@@ -6,6 +6,9 @@ VITE_POLARIS_API_URL=http://polaris-polaris-1:8181
 # The realm identifier for Polaris
 VITE_POLARIS_REALM=POLARIS
 
+# Polaris Principal Scope
+VITE_POLARIS_PRINCIPAL_SCOPE=PRINCIPAL_ROLE:ALL
+
 # Docker Configuration
 # Port on which the UI will be accessible (default: 3000)
 PORT=3000
diff --git a/console/README.md b/console/README.md
@@ -46,6 +46,7 @@ Create a `.env` file based on `.env.example`:
 ```env
 VITE_POLARIS_API_URL=http://localhost:8181
 VITE_POLARIS_REALM=POLARIS 
+VITE_POLARIS_PRINCIPAL_SCOPE=PRINCIPAL_ROLE:ALL
 VITE_POLARIS_REALM_HEADER_NAME=Polaris-Realm  # optional, defaults to "Polaris-Realm"
 VITE_OAUTH_TOKEN_URL=  # optional, defaults to /api/catalog/v1/oauth/tokens
 ```
diff --git a/console/docker/generate-config.sh b/console/docker/generate-config.sh
@@ -26,6 +26,7 @@ cat > /opt/app-root/src/config.js << EOF
 window.APP_CONFIG = {
   VITE_POLARIS_API_URL: '${VITE_POLARIS_API_URL}',
   VITE_POLARIS_REALM: '${VITE_POLARIS_REALM}',
+  VITE_POLARIS_PRINCIPAL_SCOPE: '${VITE_POLARIS_PRINCIPAL_SCOPE}',
   VITE_OAUTH_TOKEN_URL: '${VITE_OAUTH_TOKEN_URL}',
   VITE_POLARIS_REALM_HEADER_NAME: '${VITE_POLARIS_REALM_HEADER_NAME}'
 };
diff --git a/console/helm/templates/deployment.yaml b/console/helm/templates/deployment.yaml
@@ -48,6 +48,8 @@ spec:
               value: {{ .Values.env.polarisApiUrl | quote }}
             - name: VITE_POLARIS_REALM
               value: {{ .Values.env.polarisRealm | quote }}
+            - name: VITE_POLARIS_PRINCIPAL_SCOPE
+              value: { { .Values.env.polarisPrincipalScope | quote } }
             - name: VITE_OAUTH_TOKEN_URL
               value: {{ .Values.env.oauthTokenUrl | quote }}
           readinessProbe:
diff --git a/console/src/api/auth.ts b/console/src/api/auth.ts
@@ -43,7 +43,7 @@ export const authApi = {
     formData.append("grant_type", "client_credentials")
     formData.append("client_id", clientId)
     formData.append("client_secret", clientSecret)
-    formData.append("scope", "PRINCIPAL_ROLE:ALL")
+    formData.append("scope", scope)
 
     const headers: Record<string, string> = {
       "Content-Type": "application/x-www-form-urlencoded",
diff --git a/console/src/hooks/useAuth.tsx b/console/src/hooks/useAuth.tsx
@@ -23,7 +23,7 @@ import { authApi } from "@/api/auth"
 
 interface AuthContextType {
   isAuthenticated: boolean
-  login: (clientId: string, clientSecret: string, realm: string) => Promise<void>
+  login: (clientId: string, clientSecret: string, scope: string, realm: string) => Promise<void>
   logout: () => void
   loading: boolean
 }
@@ -34,13 +34,13 @@ export function AuthProvider({ children }: { children: ReactNode }) {
   const [isAuthenticated, setIsAuthenticated] = useState<boolean>(false)
   const [loading] = useState<boolean>(false)
 
-  const login = async (clientId: string, clientSecret: string, realm: string) => {
+  const login = async (clientId: string, clientSecret: string, scope: string, realm: string) => {
     try {
       // Store realm in localStorage (non-sensitive configuration)
       if (realm) {
         localStorage.setItem("polaris_realm", realm)
       }
-      await authApi.getToken(clientId, clientSecret, realm)
+      await authApi.getToken(clientId, clientSecret, scope, realm)
       setIsAuthenticated(true)
     } catch (error) {
       setIsAuthenticated(false)
diff --git a/console/src/lib/config.ts b/console/src/lib/config.ts
@@ -20,6 +20,7 @@
 interface AppConfig {
   VITE_POLARIS_API_URL?: string
   VITE_POLARIS_REALM?: string
+  VITE_POLARIS_PRINCIPAL_SCOPE: string
   VITE_OAUTH_TOKEN_URL?: string
   VITE_POLARIS_REALM_HEADER_NAME?: string
 }
@@ -53,6 +54,7 @@ function getConfig<T extends string | undefined>(
 export const config = {
   POLARIS_API_URL: getConfig('VITE_POLARIS_API_URL', ''),
   POLARIS_REALM: getConfig('VITE_POLARIS_REALM', ''),
+  POLARIS_PRINCIPAL_SCOPE: getConfig('VITE_POLARIS_PRINCIPAL_SCOPE', ''),
   OAUTH_TOKEN_URL: getConfig('VITE_OAUTH_TOKEN_URL', ''),
   REALM_HEADER_NAME: getConfig('VITE_POLARIS_REALM_HEADER_NAME', 'Polaris-Realm'),
 }
diff --git a/console/src/pages/Login.tsx b/console/src/pages/Login.tsx
@@ -32,6 +32,7 @@ export function Login() {
   const [clientSecret, setClientSecret] = useState("")
   // Initialize realm with value from .env file if present
   const [realm, setRealm] = useState(import.meta.env.VITE_POLARIS_REALM || "")
+  const [scope, setScope] = useState(import.meta.env.VITE_POLARIS_PRINCIPAL_SCOPE || "")
   const [error, setError] = useState("")
   const [loading, setLoading] = useState(false)
   const { login } = useAuth()
@@ -43,7 +44,7 @@ export function Login() {
     setLoading(true)
 
     try {
-      await login(clientId, clientSecret, realm)
+      await login(clientId, clientSecret, scope, realm)
       navigate("/")
     } catch (err) {
       setError(
@@ -100,6 +101,17 @@ export function Login() {
                   placeholder="Enter your realm"
                 />
               </div>
+              <div className="space-y-2">
+                <Label htmlFor="scope">Scope</Label>
+                <Input
+                  id="scope"
+                  type="text"
+                  value={scope}
+                  onChange={(e) => setScope(e.target.value)}
+                  required
+                  placeholder="Enter the scope"
+                />
+              </div>
               {error && (
                 <div className="rounded-md bg-destructive/10 p-3 text-sm text-destructive">
                   {error}
