Bug: Refresh ignores scope
taaem opened this issue Β· comments
Tim Klocke commented
Capacitor version:
π Capacitor Doctor π
Latest Dependencies:
@capacitor/cli: 3.5.1
@capacitor/core: 3.5.1
@capacitor/android: 3.5.1
@capacitor/ios: 3.5.1
Installed Dependencies:
@capacitor/core: 3.5.0
@capacitor/cli: 3.5.0
@capacitor/android: 3.5.0
@capacitor/ios: 3.5.0
[success] Android looking great! π
[error] Xcode is not installed
Library version:
- 3.0.1
OAuth Provider:
- Other: Keycloak
Your Plugin Configuration
{
refreshToken: refreshToken,
scope: "email profile offline_access",
accessTokenEndpoint: OAuthConfig.accessTokenEndpoint,
appId: OAuthConfig.clientConfiguration.appId,
}
Affected Platform(s):
- Android
- Version/API Level: 30
- Device Model: Pixel 3 emulator
- Content of your
AndroidManifest.xml
<?xml version="1.0" encoding="utf-8" ?> <manifest xmlns:android="http://schemas.android.com/apk/res/android" package="de.akquinet.che.app.beta"> <application android:allowBackup="true" android:icon="@mipmap/ic_launcher" android:label="@string/app_name" android:roundIcon="@mipmap/ic_launcher_round" android:supportsRtl="true" android:theme="@style/AppTheme"> <activity android:configChanges="orientation|keyboardHidden|keyboard|screenSize|locale|smallestScreenSize|screenLayout|uiMode" android:name="de.akquinet.che.app.beta.MainActivity" android:label="@string/title_activity_main" android:theme="@style/AppTheme.NoActionBarLaunch" android:launchMode="singleTask"> <intent-filter> <action android:name="android.intent.action.MAIN" /> <category android:name="android.intent.category.LAUNCHER" /> </intent-filter> </activity> <provider android:name="androidx.core.content.FileProvider" android:authorities="${applicationId}.fileprovider" android:exported="false" android:grantUriPermissions="true"> <meta-data android:name="android.support.FILE_PROVIDER_PATHS" android:resource="@xml/file_paths" /> </provider> </application> <!-- Permissions --> <uses-permission android:name="android.permission.INTERNET" /> </manifest>
Current Behavior
If I run Auth2Client.refreshToken({})
with the configuration I posted above, scope gets ignored (eg. I get a normal token and not an offline token). Furthermore I can see in the logs:
native OAuth2Client.refreshToken:
callbackId: "121720501"
methodName: "refreshToken"
options:
accessTokenEndpoint: "endpoint"
appId: "id"
refreshToken: "token"
scope: undefined
__proto__: Object
pluginId: "OAuth2Client"
__proto__: Object
and there I can see that the scope is set to undefined.
Expected Behavior
The scope should be respected during refresh of accessTokens.
Reproduction Steps
- Get an accessToken and a refreshToken
- Try to refresh the token with a custom scope
Tim Klocke commented
Found the issue on my end π