LLM/moltbot
1
0
Fork 0
mirror of https://github.com/moltbot/moltbot.git synced 2026-03-21 16:41:56 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: preserve operator scopes for shared auth connections

Browse Source 
When connecting via shared gateway token (no device identity),
the operator scopes were being cleared, causing API operations
to fail with 'missing scope' errors.

This fix preserves scopes when sharedAuthOk is true, allowing
headless/API operator clients to retain their requested scopes.

Fixes #27494

(cherry picked from commit c71c8948bd)
This commit is contained in:
Kevin Shenghui
2026-02-26 04:11:19 -08:00
committed by Peter Steinberger
parent 0ab5f4c43b
commit 9c142993b8
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/gateway/server/ws-connection/message-handler.ts
View File

@@ -486,7 +486,7 @@ export function attachGatewayWsMessageHandler(params: {
close(1008, truncateCloseReason(authMessage));
};
const clearUnboundScopes = () => {
if (scopes.length > 0 && !controlUiAuthPolicy.allowBypass) {
if (scopes.length > 0 && !controlUiAuthPolicy.allowBypass && !sharedAuthOk) {
scopes = [];
connectParams.scopes = scopes;
}