accept scope as array, use scope as delimited string

This commit is contained in:
AJ ONeal 2017-11-29 04:17:43 +00:00
parent d87645d135
commit 23db17a31e
2 changed files with 2 additions and 2 deletions

View File

@ -169,7 +169,7 @@
} }
, scope: { , scope: {
parse: function (scope) { parse: function (scope) {
return (scope||'').split(/[+, ]+/g); return (scope||'').toString().split(/[+, ]+/g);
} }
, stringify: function (scope) { , stringify: function (scope) {
if (Array.isArray(scope)) { if (Array.isArray(scope)) {

View File

@ -371,7 +371,7 @@ OAUTH3.authn.resourceOwnerPassword = function (directive, opts) {
OAUTH3.authz = {}; OAUTH3.authz = {};
OAUTH3.authz.scopes = function (providerUri, session, clientParams) { OAUTH3.authz.scopes = function (providerUri, session, clientParams) {
var clientUri = OAUTH3.uri.normalize(clientParams.client_uri || OAUTH3._browser.window.document.referrer); var clientUri = OAUTH3.uri.normalize(clientParams.client_uri || OAUTH3._browser.window.document.referrer);
var scope = clientParams.scope || [ 'authn@oauth3.org' ]; var scope = clientParams.scope || 'authn@oauth3.org';
if ('authn@oauth3.org' === scope.toString()) { if ('authn@oauth3.org' === scope.toString()) {
// implicit ppid grant is automatic // implicit ppid grant is automatic
console.warn('[security] fix scope checking on backend so that we can do automatic grants'); console.warn('[security] fix scope checking on backend so that we can do automatic grants');