Name scopes param consistantly

Author: sam-muncke

src/auth0_fastapi/auth/auth_client.py

@@ -90,6 +90,7 @@ async def complete_login(
     async def start_connect_account(
         self,
         connection: str,
+        scopes: list[str] | None = None,
         app_state: dict = None,
         authorization_params: dict = None,
         store_options: dict = None,
@@ -101,6 +102,7 @@ async def start_connect_account(
         """
         options = ConnectAccountOptions(
             connection=connection,
+            scopes=scopes,
             app_state=app_state,
             authorization_params=authorization_params
         )

src/auth0_fastapi/server/routes.py

@@ -1,4 +1,4 @@
-from typing import Optional
+from typing import Optional, Annotated
 
 from fastapi import APIRouter, Depends, HTTPException, Query, Request, Response
 from fastapi.responses import RedirectResponse
@@ -93,7 +93,7 @@ async def callback(
             # Assuming config is stored on app.state
             default_redirect = auth_client.config.app_base_url
 
-            safe_redirect = to_safe_redirect(return_to or default_redirect, auth_client.config.app_base_url)
+            safe_redirect = to_safe_redirect(return_to, default_redirect) if return_to else str(default_redirect)
             return RedirectResponse(url=safe_redirect, headers=response.headers)
 
         @router.get("/auth/logout")
@@ -147,18 +147,20 @@ async def connect_account(
             request: Request,
             response: Response,
             connection: str = Query(),
+            scopes: Annotated[list[str] | None, Query()] = None,
+            return_to: str = Query(default=None),
             auth_client: AuthClient = Depends(get_auth_client),
         ):
             """
             Endpoint to initiate the connect account flow for linking a third-party account to the user's profile.
             Redirects the user to the Auth0 connect account URL.
             """
-            authorization_params = {
-                k: v for k, v in request.query_params.items() if k not in ["connection", "returnTo"]}
+            authorization_params = { 
+                k: v for k, v in request.query_params.items() if k not in ["connection", "returnTo", "scope"]}
 
-            return_to = request.query_params.get("returnTo")
             connect_account_url = await auth_client.start_connect_account(
                 connection=connection,
+                scopes=scopes,
                 app_state={"returnTo": return_to} if return_to else None,
                 authorization_params=authorization_params,
                 store_options={"request": request, "response": response},

src/auth0_fastapi/test/test_auth_client.py

@@ -408,6 +408,7 @@ async def test_start_connect_account(self, auth_client):
 
             result = await auth_client.start_connect_account(
                 connection="google-oauth2",
+                scopes=["openid", "profile", "email"],
                 app_state={"returnTo": "/profile"},
                 authorization_params={"prompt": "consent"},
             )
@@ -417,6 +418,7 @@ async def test_start_connect_account(self, auth_client):
                 options=ConnectAccountOptions(
                     connection="google-oauth2",
                     app_state={"returnTo": "/profile"},
+                    scopes=["openid", "profile", "email"],
                     authorization_params={"prompt": "consent"},
                 ), store_options=None)