From e2538217e0af88b890b2869d9ff17cdbbdc27b21 Mon Sep 17 00:00:00 2001 From: Billy Booth Date: Tue, 5 Aug 2025 15:53:13 -0500 Subject: [PATCH] Align DeviceCodeRequest/UsernamePasswordRequest scopes construction with TokenClient/ScopeHelper * Brings DeviceCodeRequest and UsernamePasswordRequest scopes production into somewhat better alignment with TokenClient.GetDefaultScopes(). * Allows OAuth2Value.ReservedScopes to be respected across all grant types. --- .../Internal/Requests/DeviceCodeRequest.cs | 7 ++----- .../Internal/Requests/UsernamePasswordRequest.cs | 9 ++------- 2 files changed, 4 insertions(+), 12 deletions(-) diff --git a/src/client/Microsoft.Identity.Client/Internal/Requests/DeviceCodeRequest.cs b/src/client/Microsoft.Identity.Client/Internal/Requests/DeviceCodeRequest.cs index 8a9a7460ef..39fb9cb48a 100644 --- a/src/client/Microsoft.Identity.Client/Internal/Requests/DeviceCodeRequest.cs +++ b/src/client/Microsoft.Identity.Client/Internal/Requests/DeviceCodeRequest.cs @@ -31,11 +31,8 @@ protected override async Task ExecuteAsync(CancellationTok var client = new OAuth2Client(ServiceBundle.ApplicationLogger, ServiceBundle.HttpManager, null); - var deviceCodeScopes = new HashSet(); - deviceCodeScopes.UnionWith(AuthenticationRequestParameters.Scope); - deviceCodeScopes.Add(OAuth2Value.ScopeOfflineAccess); - deviceCodeScopes.Add(OAuth2Value.ScopeProfile); - deviceCodeScopes.Add(OAuth2Value.ScopeOpenId); + var deviceCodeScopes = new HashSet(AuthenticationRequestParameters.Scope); + deviceCodeScopes.UnionWith(OAuth2Value.ReservedScopes); client.AddBodyParameter(OAuth2Parameter.ClientId, AuthenticationRequestParameters.AppConfig.ClientId); client.AddBodyParameter(OAuth2Parameter.Scope, deviceCodeScopes.AsSingleString()); diff --git a/src/client/Microsoft.Identity.Client/Internal/Requests/UsernamePasswordRequest.cs b/src/client/Microsoft.Identity.Client/Internal/Requests/UsernamePasswordRequest.cs index 1b049b6223..fc50f61f4d 100644 --- a/src/client/Microsoft.Identity.Client/Internal/Requests/UsernamePasswordRequest.cs +++ b/src/client/Microsoft.Identity.Client/Internal/Requests/UsernamePasswordRequest.cs @@ -187,14 +187,9 @@ private Dictionary GetAdditionalBodyParameters(UserAssertion use dict[OAuth2Parameter.Password] = _usernamePasswordParameters.Password; } - ISet unionScope = new HashSet() - { - OAuth2Value.ScopeOpenId, - OAuth2Value.ScopeOfflineAccess, - OAuth2Value.ScopeProfile - }; + var unionScope = new HashSet(AuthenticationRequestParameters.Scope); + unionScope.UnionWith(OAuth2Value.ReservedScopes); - unionScope.UnionWith(AuthenticationRequestParameters.Scope); dict[OAuth2Parameter.Scope] = unionScope.AsSingleString(); dict[OAuth2Parameter.ClientInfo] = "1";