[client] list JWT scopes

[capcom6]

Summary by CodeRabbit

Release Notes

• New Features

  • Added JWT authorization scopes system enabling granular API token permissions across devices, inbox, logs, messages, settings, tokens, and webhooks.

• Refactor

  • Improved type safety for token request scope handling.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[coderabbitai]

📝 Walkthrough

Walkthrough

This PR adds type-safe JWT authorization scopes to the SMS gateway Go client by introducing a JWTScope type alias in a new domain file and replacing the generic string slice in the TokenRequest DTO with typed scope references.

Changes

JWT Scope Type Safety

Layer / File(s)	Summary
Scope Type and Constants smsgateway/domain_auth.go	New file introduces JWTScope string type alias and exports 15 scope constants across authorization areas: devices, inbox, logs, messages, settings, tokens, and webhooks.
DTO Integration smsgateway/dto_auth.go	TokenRequest.Scopes field changes from []string to []JWTScope, preserving JSON tag and validation rules.

🎯 1 (Trivial) | ⏱️ ~5 minutes

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main change: introducing JWT scope constants and types in the domain_auth.go file for listing/defining available JWT scopes.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@smsgateway/domain_auth.go`:
- Line 3: The JWTScope currently defined as a type alias (JWTScope = string)
should be a distinct type to enforce compile-time safety; change the declaration
to a defined type (remove the '=' so JWTScope is its own type), update any
constants to use explicit JWTScope conversions and adjust usages that accept or
return []JWTScope (e.g., functions/methods referencing JWTScope, slices, or
maps) to cast string literals or string slices to JWTScope where needed and
update any callers accordingly so code compiles with the new distinct type.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 276ae6c5-b541-4775-8bd7-db4f2a440c6f

📥 Commits

Reviewing files that changed from the base of the PR and between 964d39f and 901904d.

📒 Files selected for processing (2)

• smsgateway/domain_auth.go
• smsgateway/dto_auth.go

[coderabbitai]

🛠️ Refactor suggestion | 🟠 Major | ⚡ Quick win

Consider using a distinct type instead of a type alias.

The current definition type JWTScope = string creates a type alias, which means JWTScope and string are completely interchangeable. This doesn't provide compile-time type safety—any string can be assigned to a []JWTScope parameter without conversion.

To achieve the "type-safe JWT authorization scopes" goal stated in the PR description, consider using a distinct type definition instead:

-type JWTScope = string
+type JWTScope string

With a distinct type (no =), callers would need to explicitly convert strings or use the predefined constants, providing stronger type safety and making misuse more difficult.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	type JWTScope = string
	type JWTScope string

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@smsgateway/domain_auth.go` at line 3, The JWTScope currently defined as a
type alias (JWTScope = string) should be a distinct type to enforce compile-time
safety; change the declaration to a defined type (remove the '=' so JWTScope is
its own type), update any constants to use explicit JWTScope conversions and
adjust usages that accept or return []JWTScope (e.g., functions/methods
referencing JWTScope, slices, or maps) to cast string literals or string slices
to JWTScope where needed and update any callers accordingly so code compiles
with the new distinct type.