oro-sdk 3.17.0 → 3.18.0

package/package.json

@@ -1,5 +1,5 @@
 {
-    "version": "3.17.0",
+    "version": "3.18.0",
     "main": "dist/index.js",
     "typings": "dist/index.d.ts",
     "files": [

package/src/client.ts

@@ -702,6 +702,8 @@ export class OroClient {
 
         // We're using the account role to determine the way a grant is accessed
         let currentAccountRole = await this.getAccountRole()
+        if (currentAccountRole.length === 1 && currentAccountRole[0] === OtherRoleType.User)
+            return []
 
         if ([OtherRoleType.Patient, OtherRoleType.User].every(requiredRole => currentAccountRole.includes(requiredRole))) {
             let encryptedGrants

package/src/helpers/patient-registration.ts

@@ -269,13 +269,19 @@ async function getOrCreatePatientLockbox(oroClient: OroClient): Promise<Uuid> {
     if (grants.length > 0) {
         console.log('The grant has already been created, skipping lockbox create step')
         return grants[0].lockboxUuid!
-    } else
-        return (
+    } else {
+        let lockboxResponse =
             await oroClient.vaultClient.lockboxCreate().catch((err) => {
                 console.error('Error while creating lockbox', err)
                 throw err
             })
-        ).lockboxUuid
+        // Since the creation of a lockbox will change the scope of a user, we will force refresh the tokens
+        let tokens = await oroClient.guardClient.authRefresh()
+        await oroClient.guardClient.setTokens({ accessToken: tokens.accessToken, refreshToken: tokens.refreshToken })
+        await oroClient.guardClient.whoAmI(true)
+
+        return lockboxResponse.lockboxUuid
+    }
 }
 
 /**