scopePrefix breaks `openid`, `email`, `profile`

google / oauth2l

oauth2l ("oauth tool") is a simple CLI for interacting with Google API authentication.

Apache License 2.0

643 stars 81 forks source link

scopePrefix breaks `openid`, `email`, `profile` #71

Closed elyobo closed 5 years ago

elyobo commented 5 years ago

The automatic use of scopePrefix breaks openid, email, profile

Editing the generated URL to remove the scope prefixes (i.e. using scope=openid+email+profile instead of the scopes shown in the screenshot) causes it to work as expected.

andyrzhao commented 5 years ago

Sounds like "openid", "email", and "profile" are the only exceptions we need to handle according to https://developers.google.com/identity/protocols/OpenIDConnect correct? If so, I can add a regex matcher to skip appending scopePrefix for these scopes.

elyobo commented 5 years ago

They're the only ones that I see without a full URL scope in the Google Sign In scopes.

elyobo commented 5 years ago

Thanks @andyrzhao and @shinfan :)