Closed r-brown closed 5 years ago
TODO: verify, that new Licensees can be auto-created upon first validation, so further methods calls won't cause such errors.
TODO: add consent verification before token get request
The problem is that we use the API licensee role to validate and create the token. If we want to make sure that Licensee can be created automatically, we need to get the product (check licensee auto-create property) and get the licensee (check if it exists), but the role "licensee" doesn't have these rights (throw 403 Access Denied ).
As discussed all NLIC requests should be avoided without given user consent; e.g.
PluginPass used (developer) should be able to handle this case by requesting user consent; see also #13
Please also update:
Following sample code https://github.com/Labs64/PluginPass/blob/master/examples/class-pluginpass-demo-settings.php#L95 return "No Consent" even after _setconsent() was called.
@v-rudkovskiy please improve above sample, so this:
Valid / not valid status mixed
Attempt to validate new Licensee fails with the message:
which is related to the Token Creation: request
response