From f972240ad9e8e99b2d008e81ac5c96d7f1968b99 Mon Sep 17 00:00:00 2001
From: "amelie.haladjian" <amelie.haladjian@gmail.com>
Date: Wed, 13 Nov 2024 15:35:51 +0100
Subject: [PATCH] feat(api tester): filter tokens for 403 preparator based on
 inclusion instead of exclusion

---
 src/Preparator/Config/Error403PreparatorConfig.php | 5 +++++
 src/Preparator/Error403Preparator.php              | 2 +-
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/Preparator/Config/Error403PreparatorConfig.php b/src/Preparator/Config/Error403PreparatorConfig.php
index 60b52c2..5b4a11d 100644
--- a/src/Preparator/Config/Error403PreparatorConfig.php
+++ b/src/Preparator/Config/Error403PreparatorConfig.php
@@ -10,4 +10,9 @@ final class Error403PreparatorConfig extends PreparatorConfig
      * @var string[]
      */
     public array $excludedTokens = [];
+
+    /**
+     * @var string[]
+     */
+    public array $includedTokens = [];
 }
diff --git a/src/Preparator/Error403Preparator.php b/src/Preparator/Error403Preparator.php
index 51581e9..2a10365 100644
--- a/src/Preparator/Error403Preparator.php
+++ b/src/Preparator/Error403Preparator.php
@@ -29,7 +29,7 @@ protected function getTestTokens(Security $security): Tokens
         if ($security instanceof OAuth2Security) {
             $tokens = $this->tokens
                 ->filter(
-                    fn (Token $x) => !\in_array($x->getName(), $this->config->excludedTokens, true)
+                    fn (Token $x) => \in_array($x->getName(), $this->config->includedTokens, true)
                         && $security
                             ->getScopes()
                             ->select('name')