providers/oauth2: fix token endpoint creating invalid token when no scopes are passed
This commit is contained in:
parent
b747022bc1
commit
dff5eb69c8
|
@ -93,7 +93,10 @@ class TokenParams:
|
||||||
self.refresh_token = RefreshToken.objects.get(
|
self.refresh_token = RefreshToken.objects.get(
|
||||||
refresh_token=raw_token, provider=self.provider
|
refresh_token=raw_token, provider=self.provider
|
||||||
)
|
)
|
||||||
|
# https://tools.ietf.org/html/rfc6749#section-6
|
||||||
|
# Fallback to original token's scopes when none are given
|
||||||
|
if self.scope == []:
|
||||||
|
self.scope = self.refresh_token.scope
|
||||||
except RefreshToken.DoesNotExist:
|
except RefreshToken.DoesNotExist:
|
||||||
LOGGER.warning(
|
LOGGER.warning(
|
||||||
"Refresh token does not exist",
|
"Refresh token does not exist",
|
||||||
|
|
Reference in a new issue