We need the user ID in our finalizeScopes() implementation to adjust the selection of scopes. As of version 9.0, the finalizeScopes() method is also called for the RefreshTokenGrant, but the user ID is not currently passed to the finalizeScopes() method. Since the user ID is in the old refresh token, it can be passed from there.
We need the user ID in our
finalizeScopes()
implementation to adjust the selection of scopes. As of version 9.0, thefinalizeScopes()
method is also called for theRefreshTokenGrant
, but the user ID is not currently passed to thefinalizeScopes()
method. Since the user ID is in the old refresh token, it can be passed from there.