<p></p>
<p>Yes there's a redundant check from the filter but once the content type is right it reads the correct table:</p>
<pre><code>Started POST "/oauth2/introspect" for 2001:8b0:bd:1:fce3:75ff:febd:6a8c at 2021-07-02 15:51:08 +0100
(1.1ms) SELECT "schema_migrations"."version" FROM "schema_migrations" ORDER BY "schema_migrations"."version" ASC
↳ config/initializers/cors.rb:9:in `call'
Oauth2Token Load (0.7ms) SELECT "oauth_tokens".* FROM "oauth_tokens" WHERE "oauth_tokens"."type" = $1 AND (invalidated_at IS NULL and authorized_at IS NOT NULL and token = '05sMxyhosM-gISCObOgdfSq7urPxGMlaGqS3VoeYse8') ORDER BY "oauth_tokens"."id" ASC LIMIT $2 [["type", "Oauth2Token"], ["LIMIT", 1]]
↳ config/initializers/compressed_requests.rb:27:in `call'
Processing by Oauth2TokensController#introspect as */*
Parameters: {"token"=>"05sMxyhosM-gISCObOgdfSq7urPxGMlaGqS3VoeYse8"}
Doorkeeper::AccessToken Load (0.7ms) SELECT "oauth_access_tokens".* FROM "oauth_access_tokens" WHERE "oauth_access_tokens"."token" = $1 LIMIT $2 [["token", "05sMxyhosM-gISCObOgdfSq7urPxGMlaGqS3VoeYse8"], ["LIMIT", 1]]
↳ app/controllers/api_controller.rb:64:in `current_ability'
User Load (1.2ms) SELECT "users".* FROM "users" WHERE "users"."id" = $1 LIMIT $2 [["id", 1], ["LIMIT", 1]]
↳ app/abilities/api_capability.rb:9:in `initialize'
UserRole Load (0.7ms) SELECT "user_roles".* FROM "user_roles" WHERE "user_roles"."user_id" = $1 [["user_id", 1]]
↳ app/models/user.rb:238:in `has_role?'
CACHE Doorkeeper::AccessToken Load (0.0ms) SELECT "oauth_access_tokens".* FROM "oauth_access_tokens" WHERE "oauth_access_tokens"."token" = $1 LIMIT $2 [["token", "05sMxyhosM-gISCObOgdfSq7urPxGMlaGqS3VoeYse8"], ["LIMIT", 1]]
↳ app/controllers/application_controller.rb:333:in `better_errors_allow_inline'
CACHE Doorkeeper::AccessToken Load (0.0ms) SELECT "oauth_access_tokens".* FROM "oauth_access_tokens" WHERE "oauth_access_tokens"."token" = $1 LIMIT $2 [["token", "05sMxyhosM-gISCObOgdfSq7urPxGMlaGqS3VoeYse8"], ["LIMIT", 1]]
↳ app/controllers/application_controller.rb:333:in `better_errors_allow_inline'
Completed 401 Unauthorized in 136ms (Views: 0.4ms | ActiveRecord: 20.4ms | Allocations: 88287)
</code></pre>
<p>Still working on hacking our cancancan config to authorize the requests...</p>
<p style="font-size:small;-webkit-text-size-adjust:none;color:#666;">—<br />You are receiving this because you are subscribed to this thread.<br />Reply to this email directly, <a href="https://github.com/openstreetmap/openstreetmap-website/issues/3245#issuecomment-873058309">view it on GitHub</a>, or <a href="https://github.com/notifications/unsubscribe-auth/AAK2OLIJYOLEERRMX42XQZLTVXHEXANCNFSM47WPZ3VA">unsubscribe</a>.<img src="https://github.com/notifications/beacon/AAK2OLPCFOS3SWEXLXKSXU3TVXHEXA5CNFSM47WPZ3VKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOGQE5ABI.gif" height="1" width="1" alt="" /></p>
<script type="application/ld+json">[
{
"@context": "http://schema.org",
"@type": "EmailMessage",
"potentialAction": {
"@type": "ViewAction",
"target": "https://github.com/openstreetmap/openstreetmap-website/issues/3245#issuecomment-873058309",
"url": "https://github.com/openstreetmap/openstreetmap-website/issues/3245#issuecomment-873058309",
"name": "View Issue"
},
"description": "View this Issue on GitHub",
"publisher": {
"@type": "Organization",
"name": "GitHub",
"url": "https://github.com"
}
}
]</script>