okta / okta-oidc-xamarin

Okta OIDC SDK for Xamarin
https://github.com/okta/okta-oidc-xamarin
Apache License 2.0
10 stars, 11 forks

RenewToken has different scope and changes the claims #86

Closed brett-estabrook closed 2 years ago

brett-estabrook commented 2 years ago

Describe the bug?

The operation performed at this location:

https://github.com/okta/okta-oidc-xamarin/blob/1804287da7dfa2f4e74feb2ea697c8520ed41f1f/Okta.Xamarin/Okta.Xamarin/OidcClient.cs#L255

Forces the scope to be offline_access and openid. This may be different than the original access token.

What is expected to happen?

It should make use of the scopes defined in the config. Something like below.

https://github.com/okta/okta-oidc-xamarin/blob/1804287da7dfa2f4e74feb2ea697c8520ed41f1f/Okta.Xamarin/Okta.Xamarin/OidcClient.cs#L500

What is the actual behavior?

It only uses the scopes offline_access and openid.

Reproduction Steps?

First sign in with additional scopes (like email), then refresh the token. You will now have fewer scopes.

Additional Information?

No response

Dotnet Information

Xamarin.Forms 5.x

SDK Version

3.x

OS version

iOS
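
The behaviour reported above, as an added example that is not part of the original issue or the SDK's code: it builds an RFC 6749 section 6 refresh request once with the hard-coded scope and once with the configured scope, then lists which scopes the refreshed token would lose. The class and method names, the token and client id values, and the configured scope string are hypothetical, and it assumes the server grants exactly the scope requested.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;

// Added illustration; every name here is hypothetical and not the SDK's API.
static class RefreshScopeCheck
{
    // Form fields for a refresh_token grant (RFC 6749 section 6).
    // A null or empty scope omits the parameter, which the RFC treats as
    // "same scope as originally granted".
    public static Dictionary<string, string> BuildRefreshForm(
        string refreshToken, string clientId, string scope)
    {
        var form = new Dictionary<string, string>
        {
            ["grant_type"] = "refresh_token",
            ["refresh_token"] = refreshToken,
            ["client_id"] = clientId,
        };
        if (!string.IsNullOrWhiteSpace(scope))
            form["scope"] = scope;
        return form;
    }

    // Scope strings are space-delimited and case-sensitive.
    static HashSet<string> Parse(string scope) =>
        new HashSet<string>(
            (scope ?? "").Split(new[] { ' ' }, StringSplitOptions.RemoveEmptyEntries),
            StringComparer.Ordinal);

    // Scopes granted before the refresh that are missing afterwards.
    public static List<string> DroppedScopes(string before, string after) =>
        Parse(before).Except(Parse(after)).OrderBy(s => s, StringComparer.Ordinal).ToList();

    static void Main()
    {
        // Constructed values, not real tokens or a real client id.
        const string configured = "openid profile email offline_access";
        var hardCoded = BuildRefreshForm("rt-sample", "client-sample", "offline_access openid");
        var fromConfig = BuildRefreshForm("rt-sample", "client-sample", configured);

        // Assumption: the server grants exactly the scope it was asked for.
        Console.WriteLine("hard-coded scope drops: "
            + string.Join(",", DroppedScopes(configured, hardCoded["scope"])));
        Console.WriteLine("configured scope drops: "
            + string.Join(",", DroppedScopes(configured, fromConfig["scope"])));
    }
}
```

Running `DroppedScopes` against the `scope` field of each real token response after a refresh catches this kind of drift before claims such as email silently disappear from the session.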

andriizhegurov-okta commented 2 years ago

Thank you for reporting the bug. I've added an item to our backlog to address it.

bryanapellanes-okta commented 2 years ago

New NuGet package should be published shortly.