search

node-oauth / node-oauth2-server

🚀 The successor to oauthjs/oauth2-server. 🔒 Complete, compliant, maintained and well tested OAuth2 Server for node.js. Includes native async await and PKCE.
https://www.npmjs.com/package/@node-oauth/oauth2-server
MIT License
317 stars 46 forks source link

Poor example code for verifyScope in docs #301

Closed kristofferjansson closed 4 months ago

kristofferjansson commented 4 months ago

Hello,

The example code for verifyScope is declaring a variable authorizedScopes that is not used and also uses a variable scope that is not declared.

function verifyScope(token, requestedScopes) {
  if (!token.scope) {
    return false;
  }
  let authorizedScopes = token.scope;
  return requestedScopes.every(s => token.scope.includes(scope));
}