From bd98b56e02531776da5fd2f8941cf5d9d9d0b7ab Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Gerg=C5=91=20Jedlicska?=
Date: Wed, 26 Jul 2023 13:51:24 +0200
Subject: [PATCH] refactor(server scopes): use constants for tokens write scope
---
 packages/server/modules/auth/rest/index.js | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/packages/server/modules/auth/rest/index.js b/packages/server/modules/auth/rest/index.js
index a10b3cc4d..63c3f9057 100644
--- a/packages/server/modules/auth/rest/index.js
+++ b/packages/server/modules/auth/rest/index.js
@@ -14,6 +14,7 @@ const { revokeRefreshToken } = require(`@/modules/auth/services/apps`)
 const { validateScopes } = require(`@/modules/shared`)
 const { InvalidAccessCodeRequestError } = require('@/modules/auth/errors')
 const { ForbiddenError } = require('apollo-server-errors')
+const { Scopes } = require('@speckle/shared')
 // TODO: Secure these endpoints!
 module.exports = (app) => {
@@ -38,7 +39,7 @@ module.exports = (app) => {
 if (!valid) throw new InvalidAccessCodeRequestError('Invalid token')
 // 2. Validate token scopes
- await validateScopes(scopes, 'tokens:write')
+ await validateScopes(scopes, Scopes.Tokens.Write)
 const ac = await createAuthorizationCode({ appId, userId, challenge })
 return res.redirect(`${app.redirectUrl}?access_code=${ac}`)
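Review bot: The authorization gate on the new `await validateScopes(scopes, Scopes.Tokens.Write)` line now depends on `@speckle/shared` exporting `Scopes.Tokens.Write` with exactly the value `'tokens:write'`, and this commit (one file changed) adds nothing that pins that. The call's return value is discarded, so enforcement presumably relies on `validateScopes` throwing; if the constant ever resolved to `undefined`, whether the check fails closed depends on that helper, which is not visible here. A regression test asserting `Scopes.Tokens.Write === 'tokens:write'`, together with a request whose token lacks that scope and must be rejected before `createAuthorizationCode` runs, would keep the refactor from silently weakening the check. The route handler starts and ends outside this hunk.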