mirror
/
dex
mirror of https://github.com/dexidp/dex.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Merge 6011ef8cfa into 13f012fb81

pull/2877/merge
Hüda 4 days ago committed by GitHub
parent
13f012fb81 6011ef8cfa
commit
e194381a86
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 9 additions and 11 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 18
      connector/microsoft/microsoft.go
  2. 2
      connector/microsoft/microsoft_test.go

18
connector/microsoft/microsoft.go
Unescape View File

@ -32,11 +32,11 @@ const (
)
const (
// Microsoft requires this scope to access user's profile
scopeUser = "user.read"
// Microsoft requires this scope to list groups the user is a member of
// and resolve their ids to groups names.
scopeGroups = "directory.read.all"
// Microsoft requires the scopes to start with openid
scopeOpenID = "openid"
// Get the permissions configured on the application registration
// see https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-permissions-and-consent#the-default-scope
scopeDefault = "https://graph.microsoft.com/.default"
// Microsoft requires this scope to return a refresh token
// see https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-permissions-and-consent#offline_access
scopeOfflineAccess = "offline_access"
@ -62,7 +62,7 @@ type Config struct {
PromptType string `json:"promptType"`
DomainHint string `json:"domainHint"`
Scopes []string `json:"scopes"` // defaults to scopeUser (user.read)
Scopes []string `json:"scopes"` // defaults to scopeOpenID (openid)
}
// Open returns a strategy for logging in through Microsoft.
@ -153,11 +153,9 @@ func (c *microsoftConnector) oauth2Config(scopes connector.Scopes) *oauth2.Confi
if len(c.scopes) > 0 {
microsoftScopes = c.scopes
} else {
microsoftScopes = append(microsoftScopes, scopeUser)
}
if c.groupsRequired(scopes.Groups) {
microsoftScopes = append(microsoftScopes, scopeGroups)
microsoftScopes = append(microsoftScopes, scopeOpenID)
}
microsoftScopes = append(microsoftScopes, scopeDefault)
if scopes.OfflineAccess {
microsoftScopes = append(microsoftScopes, scopeOfflineAccess)

2
connector/microsoft/microsoft_test.go
Unescape View File

@ -49,7 +49,7 @@ func TestLoginURL(t *testing.T) {
expectEquals(t, queryParams.Get("client_id"), clientID)
expectEquals(t, queryParams.Get("redirect_uri"), testURL)
expectEquals(t, queryParams.Get("response_type"), "code")
expectEquals(t, queryParams.Get("scope"), "user.read")
expectEquals(t, queryParams.Get("scope"), "openid https://graph.microsoft.com/.default")
expectEquals(t, queryParams.Get("state"), testState)
expectEquals(t, queryParams.Get("prompt"), "")
expectEquals(t, queryParams.Get("domain_hint"), "")

Write Preview
Loading…
Cancel
Save