Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OAuth2 refreshTokens post request parameter of "scopes" rather than "scope" #1818

Open
jayh13 opened this issue Dec 22, 2022 · 0 comments
Open

OAuth2 refreshTokens post request parameter of "scopes" rather than "scope" #1818

jayh13 opened this issue Dec 22, 2022 · 0 comments
Labels
bug

Comments

@jayh13
Copy link

jayh13 commented Dec 22, 2022

In the OAuth2 scheme, the method "refreshTokens" makes a POST request to the token server that looks something like the following. The second query parameter in that code uses "scopes" but the spec says it should be "scope", singular. I don't know about other OAuth2 servers but in this case I'm using Azure AD and I've verified that "scope" is what it expects and it works, "scopes" does not work.

const response = await this.$auth
	.request({
		method: 'post',
		url: this.options.endpoints.token,
		baseURL: '',
		headers: {
			'Content-Type': 'application/x-www-form-urlencoded'
		},
		data: encodeQuery({
			refresh_token: removeTokenPrefix(
				refreshToken,
				this.options.token.type),
			scopes: this.scope,
			client_id: this.options.clientId + '',
			grant_type: 'refresh_token'
		})
	})
@jayh13 jayh13 added the bug label Dec 22, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@jayh13