Fix AuthenticateWithDeviceAsync() to flow the scopes attached to the request model

3 years ago · 680d51d8f9
2 changed files with 7 additions and 1 deletions
--- a/src/OpenIddict.Client/OpenIddictClientHandlers.cs
+++ b/src/OpenIddict.Client/OpenIddictClientHandlers.cs
@ -2252,7 +2252,8 @@ public static partial class OpenIddictClientHandlers
                string type => type
            };

-            if (context.Scopes.Count > 0)
+            if (context.Scopes.Count > 0 &&
+                context.TokenRequest.GrantType is not (GrantTypes.AuthorizationCode or GrantTypes.DeviceCode))
            {
                // Note: the final OAuth 2.0 specification requires using a space as the scope separator.
                // Clients that need to deal with older or non-compliant implementations can register
--- a/src/OpenIddict.Client/OpenIddictClientService.cs
+++ b/src/OpenIddict.Client/OpenIddictClientService.cs
@ -734,6 +734,11 @@ public sealed class OpenIddictClientService
                            is Dictionary<string, OpenIddictParameter> parameters ? new(parameters) : new(),
                    };

+                    if (request.Scopes is { Count: > 0 })
+                    {
+                        context.Scopes.UnionWith(request.Scopes);
+                    }
+
                    if (request.Properties is { Count: > 0 })
                    {
                        foreach (var property in request.Properties)