updated application to check for contextual permissions

src/HopFrame.Security/Authentication/HopFrameAuthentication.cs

@@ -47,15 +47,7 @@ public class HopFrameAuthentication(
             new(HopFrameClaimTypes.UserId, tokenEntry.Owner.Id.ToString())
         };
 
-        IList<string> permissions;
-
-        if (tokenEntry.Type == Token.ApiTokenType) {
-            permissions = await perms.GetFullPermissions(tokenEntry);
-        }
-        else {
-            permissions = await perms.GetFullPermissions(tokenEntry.Owner);
-        }
-        
+        var permissions  = await perms.GetFullPermissions(tokenEntry);
         claims.AddRange(permissions.Select(perm => new Claim(HopFrameClaimTypes.Permission, perm)));
 
         var principal = new ClaimsPrincipal();

src/HopFrame.Security/Claims/ITokenContext.cs

@@ -21,4 +21,6 @@ public interface ITokenContext {
     /// The access token the user provided
     /// </summary>
     Token AccessToken { get; }
+    
+    IList<string> ContextualPermissions { get; }
 }

src/HopFrame.Security/Claims/TokenContextImplementor.cs

@@ -4,10 +4,12 @@ using Microsoft.AspNetCore.Http;
 
 namespace HopFrame.Security.Claims;
 
-internal sealed class TokenContextImplementor(IHttpContextAccessor accessor, IUserRepository users, ITokenRepository tokens) : ITokenContext {
+internal sealed class TokenContextImplementor(IHttpContextAccessor accessor, IUserRepository users, ITokenRepository tokens, IPermissionRepository permissions) : ITokenContext {
     public bool IsAuthenticated => !string.IsNullOrEmpty(accessor.HttpContext?.User.GetAccessTokenId());
 
     public User User => users.GetUser(Guid.Parse(accessor.HttpContext?.User.GetUserId() ?? Guid.Empty.ToString())).GetAwaiter().GetResult();
 
     public Token AccessToken => tokens.GetToken(accessor.HttpContext?.User.GetAccessTokenId()).GetAwaiter().GetResult();
+
+    public IList<string> ContextualPermissions => permissions.GetFullPermissions(AccessToken).GetAwaiter().GetResult();
 }