Skip to content

OpenIdProvider.authorize not adding scopes to request parameters #1374

New issue
New issue
Closed
Closed
OpenIdProvider.authorize not adding scopes to request parameters#1374
Labels
bugSomething isn't working
@mreilaender

Description

@mreilaender
mreilaender
opened on Jun 24, 2024

Describe the bug

Scopes provided in the AuthorizationRequest given to openIdProvider.authorize are not included in the resulting URI.

Expected behavior

Expected URI should be

https://login.inrupt.com/authorization?client_id=client-id-from-response&redirect_uri=http://localhost:8080/callback&response_type=code 1&scope=openid%2Cwebid%2Coffline_access

Actual behavior

Actual URI is

https://login.inrupt.com/authorization?client_id=client-id-from-response&redirect_uri=http://localhost:8080/callback&response_type=code 1

How to reproduce?

import java.net.URI

val openIdProvider = OpenIdProvider(URI.create("https://login.inrupt.com"), DPoP.of())

val authRequest = AuthorizationRequest.newBuilder()
  .responseType("code")
  .scope("openid").scope("webid").scope("offline_access")
  .build("<client-id-from-reponse>", URI.create("http://localhost:8080/callback"))

val request = Request.newBuilder()
  .uri(openIdProvider.authorize(authRequest).toCompletableFuture().get())
  .GET()
  .build()

return "redirect:${request.uri()}"

Output of java -version

No response

Maven version

No response

Additional information

No response

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't working

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions