From 119a20592b83794ecd46df6648ac97b5564e0b41 Mon Sep 17 00:00:00 2001
From: Dawid Heyman <dawid.heyman@snowflake.com>
Date: Sat, 30 Nov 2024 22:44:59 +0100
Subject: [PATCH] Refactor

---
 .../AuthorizationCodeFlowAccessTokenProvider.java  | 14 ++++++--------
 1 file changed, 6 insertions(+), 8 deletions(-)

diff --git a/src/main/java/net/snowflake/client/core/auth/oauth/AuthorizationCodeFlowAccessTokenProvider.java b/src/main/java/net/snowflake/client/core/auth/oauth/AuthorizationCodeFlowAccessTokenProvider.java
index 9f4406e3a..671ce71da 100644
--- a/src/main/java/net/snowflake/client/core/auth/oauth/AuthorizationCodeFlowAccessTokenProvider.java
+++ b/src/main/java/net/snowflake/client/core/auth/oauth/AuthorizationCodeFlowAccessTokenProvider.java
@@ -47,7 +47,6 @@ public String getAccessToken(SFLoginInput loginInput) throws SFException {
     private AuthorizationCode requestAuthorizationCode(SFLoginInput loginInput) throws SFException {
         try {
             AuthorizationRequest request = buildAuthorizationRequest(loginInput);
-
             URI requestURI = request.toURI();
             HttpUtil.executeGeneralRequest(new HttpGet(requestURI),
                     loginInput.getLoginTimeout(),
@@ -92,9 +91,9 @@ private static CompletableFuture<String> getAuthorizationCodeFromRedirectURI() t
     private static AuthorizationRequest buildAuthorizationRequest(SFLoginInput loginInput) throws URISyntaxException {
         URI authorizeEndpoint = new URI(String.format("%s/oauth/authorize", loginInput.getServerUrl()));
         ClientID clientID = new ClientID("123");
-        Scope scope = new Scope("read", "write");
+        Scope scope = new Scope(String.format("session:role:%s", loginInput.getRole()));
         URI callback = buildRedirectURI();
-        State state = new State();
+        State state = new State(256);
         return new AuthorizationRequest.Builder(
                 new ResponseType(ResponseType.Value.CODE), clientID)
                 .scope(scope)
@@ -111,10 +110,9 @@ private static URI buildRedirectURI() throws URISyntaxException {
     private static TokenRequest buildTokenRequest(SFLoginInput loginInput, AuthorizationCode authorizationCode) throws URISyntaxException {
         URI callback = buildRedirectURI();
         AuthorizationGrant codeGrant = new AuthorizationCodeGrant(authorizationCode, callback);
-        ClientID clientID = new ClientID("123");
-        Secret clientSecret = new Secret("123");
-        ClientAuthentication clientAuthentication = new ClientSecretBasic(clientID, clientSecret);
-        URI tokenEndpoint = new URI(String.format("%s/oauth/token", loginInput.getServerUrl()));
-        return new TokenRequest(tokenEndpoint, clientAuthentication, codeGrant, new Scope());
+        ClientAuthentication clientAuthentication = new ClientSecretBasic(new ClientID("123"), new Secret("123"));
+        URI tokenEndpoint = new URI(String.format("%s/oauth/token-request", loginInput.getServerUrl()));
+        Scope scope = new Scope("session:role", loginInput.getRole());
+        return new TokenRequest(tokenEndpoint, clientAuthentication, codeGrant, scope);
     }
 }