Move authorizeZcapInvocationOptions into authorization config.

digitalbazaar · Jan 26, 2025 · b47f891 · b47f891
1 parent 3b76cb8
commit b47f891
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 9 deletions.
diff --git a/lib/config.js b/lib/config.js
@@ -6,15 +6,16 @@ import {NAMESPACE} from './constants.js';
 
 const cfg = config[NAMESPACE] = {};
 
-cfg.authorizeZcapInvocationOptions = {
-  maxChainLength: 10,
-  // 300 second clock skew permitted by default
-  maxClockSkew: 300,
-  // 1 year max TTL by default
-  maxDelegationTtl: 1 * 60 * 60 * 24 * 365 * 1000
-};
-
 cfg.authorization = {
+  zcap: {
+    authorizeZcapInvocationOptions: {
+      maxChainLength: 10,
+      // 300 second clock skew permitted by default
+      maxClockSkew: 300,
+      // 1 year max TTL by default
+      maxDelegationTtl: 1 * 60 * 60 * 24 * 365 * 1000
+    }
+  },
   oauth2: {
     accessTokens: {
       // TTL in seconds (default 24 hours = 86400 seconds)

diff --git a/lib/http/middleware.js b/lib/http/middleware.js
@@ -67,7 +67,11 @@ export function authorizeOAuth2AccessToken({getExpectedValues}) {
 export function authorizeZcapInvocation({
   getExpectedValues, getRootController, isRevoked = () => false
 } = {}) {
-  const {authorizeZcapInvocationOptions} = bedrock.config[NAMESPACE];
+  const {
+    authorization: {
+      zcap: {authorizeZcapInvocationOptions}
+    }
+  } = bedrock.config[NAMESPACE];
   return _authorizeZcapInvocation({
     documentLoader, getExpectedValues, getRootController,
     getVerifier,