providers/oauth2: fix token endpoint creating invalid token when no scopes are passed
This commit is contained in:
parent
b747022bc1
commit
dff5eb69c8
|
@ -93,7 +93,10 @@ class TokenParams:
|
|||
self.refresh_token = RefreshToken.objects.get(
|
||||
refresh_token=raw_token, provider=self.provider
|
||||
)
|
||||
|
||||
# https://tools.ietf.org/html/rfc6749#section-6
|
||||
# Fallback to original token's scopes when none are given
|
||||
if self.scope == []:
|
||||
self.scope = self.refresh_token.scope
|
||||
except RefreshToken.DoesNotExist:
|
||||
LOGGER.warning(
|
||||
"Refresh token does not exist",
|
||||
|
|
Reference in a new issue