fix: Device Token Scope Escalation via Rotate Endpoint (#20703)

Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 4f2c2ecef4
Co-authored-by: coygeek <65363919+coygeek@users.noreply.github.com>
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Reviewed-by: @mbelinky
Coy Geek
2026-02-20 09:38:58 -08:00
committed by GitHub
parent 40a292619e
commit 914a7c5359
4 changed files with 80 additions and 9 deletions


@@ -24,7 +24,7 @@ import type { GatewayRequestHandlers } from "./types.js";
function redactPairedDevice(
device: { tokens?: Record<string, DeviceAuthToken> } & Record<string, unknown>,
) {
const { tokens, ...rest } = device;
const { tokens, approvedScopes: _approvedScopes, ...rest } = device;
return {
...rest,
tokens: summarizeDeviceTokens(tokens),
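Review bot: The redaction in `redactPairedDevice` is still a denylist: `tokens` and now `approvedScopes` are removed by name, and every other key on the device record flows out through `...rest`, so a sensitive field added to the record later is returned by default. Building the response from an explicit list of fields that are safe to return would fail closed instead. At minimum, the destructuring line should carry a comment stating why the field is dropped, for example `// approvedScopes is server-side authorization state; do not return it to clients` (presumably the intent, given the commit title — confirm). The function body continues outside the hunk.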