File tree Expand file tree Collapse file tree 2 files changed +33
-1
lines changed Expand file tree Collapse file tree 2 files changed +33
-1
lines changed Original file line number Diff line number Diff line change @@ -177,6 +177,31 @@ describe("OAuth Authorization", () => {
177177 expect ( codeVerifier ) . toBe ( "test_verifier" ) ;
178178 } ) ;
179179
180+ it ( "includes scope parameter when provided" , async ( ) => {
181+ const { authorizationUrl } = await startAuthorization (
182+ "https://auth.example.com" ,
183+ {
184+ clientInformation : validClientInfo ,
185+ redirectUrl : "http://localhost:3000/callback" ,
186+ scope : "read write profile" ,
187+ }
188+ ) ;
189+
190+ expect ( authorizationUrl . searchParams . get ( "scope" ) ) . toBe ( "read write profile" ) ;
191+ } ) ;
192+
193+ it ( "excludes scope parameter when not provided" , async ( ) => {
194+ const { authorizationUrl } = await startAuthorization (
195+ "https://auth.example.com" ,
196+ {
197+ clientInformation : validClientInfo ,
198+ redirectUrl : "http://localhost:3000/callback" ,
199+ }
200+ ) ;
201+
202+ expect ( authorizationUrl . searchParams . has ( "scope" ) ) . toBe ( false ) ;
203+ } ) ;
204+
180205 it ( "uses metadata authorization_endpoint when provided" , async ( ) => {
181206 const { authorizationUrl } = await startAuthorization (
182207 "https://auth.example.com" ,
Original file line number Diff line number Diff line change @@ -145,7 +145,8 @@ export async function auth(
145145 const { authorizationUrl, codeVerifier } = await startAuthorization ( serverUrl , {
146146 metadata,
147147 clientInformation,
148- redirectUrl : provider . redirectUrl
148+ redirectUrl : provider . redirectUrl ,
149+ scope : provider . clientMetadata . scope
149150 } ) ;
150151
151152 await provider . saveCodeVerifier ( codeVerifier ) ;
@@ -202,10 +203,12 @@ export async function startAuthorization(
202203 metadata,
203204 clientInformation,
204205 redirectUrl,
206+ scope,
205207 } : {
206208 metadata ?: OAuthMetadata ;
207209 clientInformation : OAuthClientInformation ;
208210 redirectUrl : string | URL ;
211+ scope ?: string ;
209212 } ,
210213) : Promise < { authorizationUrl : URL ; codeVerifier : string } > {
211214 const responseType = "code" ;
@@ -246,6 +249,10 @@ export async function startAuthorization(
246249 codeChallengeMethod ,
247250 ) ;
248251 authorizationUrl . searchParams . set ( "redirect_uri" , String ( redirectUrl ) ) ;
252+
253+ if ( scope ) {
254+ authorizationUrl . searchParams . set ( "scope" , scope ) ;
255+ }
249256
250257 return { authorizationUrl, codeVerifier } ;
251258}
You can’t perform that action at this time.
0 commit comments