credentials: github.com/gptscript-ai/gateway-oauth2 as myCredential with ASDF as env and "scope1 scope2" as scope and whatever as integration
When the user authenticates, their credential will have the scopes scope1 and scope2.
If I go to run the tool again later, but need an additional scope, scope3, even when I have updated it to this:
credentials: github.com/gptscript-ai/gateway-oauth2 as myCredential with ASDF as env and "scope1 scope2 scope3" as scope and whatever as integration
it will still reuse the existing myCredential from the credential store. The only way to get around this right now is for the user to delete their existing credential.
When we go to fetch a credential from the store, we need to find a way to check the requested scopes against existing scopes. Right now, the credential framework does not store the scopes for OAuth tools, but it does store refresh tokens. We probably need to follow the same pattern and start storing scopes and then comparing them.
Say I have a tool that includes this:
When the user authenticates, their credential will have the scopes
scope1
andscope2
.If I go to run the tool again later, but need an additional scope,
scope3
, even when I have updated it to this:it will still reuse the existing
myCredential
from the credential store. The only way to get around this right now is for the user to delete their existing credential.When we go to fetch a credential from the store, we need to find a way to check the requested scopes against existing scopes. Right now, the credential framework does not store the scopes for OAuth tools, but it does store refresh tokens. We probably need to follow the same pattern and start storing scopes and then comparing them.