Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

2.8.0 breaks exiting scope handling #1052

Open
MrMooky opened this issue Dec 19, 2024 · 4 comments · May be fixed by #1053
Open

2.8.0 breaks exiting scope handling #1052

MrMooky opened this issue Dec 19, 2024 · 4 comments · May be fixed by #1053

Comments

@MrMooky
Copy link

MrMooky commented Dec 19, 2024
edited
Loading

Last week's release introduced the following in the getAccessToken() function:

https://github.com/thephpleague/oauth2-client/pull/1030/files#diff-e8490e4bb8acb102745699d2bd7aa0a298d836c92d00d2ed57dd4c7ad8b24282

if (empty($options['scope'])) {
    $options['scope'] = $this->getDefaultScopes();
}

if (is_array($options['scope'])) {
    $separator = $this->getScopeSeparator();
    $options['scope'] = implode($separator, $options['scope']);
}

This broke my existing integration because previously added scopes were lost and I got an API error: ACCESS_TOKEN_SCOPE_INSUFFICIENT.

To "fix" the issue, I had to add the scopes like this while refreshing the token:

$newAccessToken = $this->provider->getAccessToken('refresh_token', [
    'refresh_token' => $existingAccessToken->getRefreshToken(),
    'scope' => ['openid', 'email', 'profile', 'https://www.googleapis.com/auth/drive.file'],
]);

All the default ('openid', 'email', 'profile') scopes, plus the one I already added while calling getAuthorizationUrl(). So to me, 2.8.0 is a breaking change that should have been mentioned.
@sandervanhooft sandervanhooft mentioned this issue Dec 20, 2024
Merged
@barryvdh barryvdh mentioned this issue Dec 21, 2024
Merged
@liayn
Copy link
Contributor

liayn commented Dec 21, 2024

Discussion to be continued in #1030 please.

@barryvdh barryvdh linked a pull request Dec 21, 2024 that will close this issue
Open
@barryvdh
Copy link
Member

Can you try if #1053 fixes your issue?

@tm1000
Copy link

tm1000 commented Dec 23, 2024

@barryvdh that fixes the issue

@jamesmacwhite jamesmacwhite mentioned this issue Dec 26, 2024
Closed
@jamesmacwhite
Copy link

I have been going crazy chasing this issue with the Google Provider where the scopes requested outside of the default were being lost on refresh token actions.

I have downgraded back to 2.7.0 temporarily to fix this. It would be good to pin this issue because the Google Provider gets broken pretty bad by this currently.

@jamesmacwhite jamesmacwhite mentioned this issue Dec 27, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Only provide scopes when set in options barryvdh/oauth2-client
5 participants
@liayn @tm1000 @barryvdh @MrMooky @jamesmacwhite