@@ -121,7 +121,12 @@ def handle_authn_response(self, context, internal_resp, extra_id_token_claims=No
121121
122122 attributes = self .converter .from_internal ("openid" , internal_resp .attributes )
123123 self .user_db [internal_resp .subject_id ] = {k : v [0 ] for k , v in attributes .items ()}
124- auth_resp = self .provider .authorize (auth_req , internal_resp .subject_id , extra_id_token_claims )
124+ auth_resp = self .provider .authorize (
125+ auth_req ,
126+ internal_resp .subject_id ,
127+ extra_id_token_claims = extra_id_token_claims ,
128+ extra_scopes = self .config .get ("extra_scopes" ),
129+ )
125130
126131 del context .state [self .name ]
127132 http_response = auth_resp .request (auth_req ["redirect_uri" ], should_fragment_encode (auth_req ))
@@ -352,7 +357,11 @@ def userinfo_endpoint(self, context):
352357 headers = {"Authorization" : context .request_authorization }
353358
354359 try :
355- response = self .provider .handle_userinfo_request (urlencode (context .request ), headers )
360+ response = self .provider .handle_userinfo_request (
361+ request = urlencode (context .request ),
362+ http_headers = headers ,
363+ extra_scopes = self .config .get ("extra_scopes" ),
364+ )
356365 return Response (response .to_json (), content = "application/json" )
357366 except (BearerTokenError , InvalidAccessToken ) as e :
358367 error_resp = UserInfoErrorResponse (error = 'invalid_token' , error_description = str (e ))
0 commit comments