I have the code snippet below, where I define in requestedScopes which of a user's scopes I want the token to have. But instead of receiving only those of the requestedScopes that the user actually has, I'm receiving the same requested scopes that I passed.
I know my topic has little information, but in case someone wants to see another configuration/code just let me know.
// Scopes this client asks for at login. This is only a request: the
// authorization server decides which of them end up in the issued token, so
// this string must not be read as the set of permissions the user holds.
requestedScopes = 'openid profile delete:posts edit:posts';

// Configuration passed to the Auth0 Lock widget.
options = {
  allowSignUp: false,
  allowedConnections: ['Username-Password-Authentication', 'google-oauth2'],
  // Lets the user reveal the password while typing it into the widget.
  allowShowPassword: true,
  autoclose: true,
  auth: {
    redirectUrl: AUTH_CONFIG.callbackUrl,
    // Asks for an access token and an ID token in the login response itself.
    responseType: 'token id_token',
    params: {
      scope: this.requestedScopes,
    },
    sso: false,
    // Identifier of the API the access token is requested for.
    audience: 'http://integralse.com.br/api',
  },
};

lock = new Auth0Lock(AUTH_CONFIG.clientId, AUTH_CONFIG.domain, this.options);
/**
 * Registers the Lock event handlers, then fixes `this` on login, logout and
 * isAuthenticated.
 */
constructor() {
  this.handleAuthentication();
  // Bind once here so each method keeps its instance when passed around detached.
  for (const method of ['login', 'logout', 'isAuthenticated']) {
    this[method] = this[method].bind(this);
  }
}
/** Opens the Lock login widget. */
login() {
  const { lock } = this;
  lock.show();
}
/**
 * Subscribes to the two Lock events this class handles: a successful
 * authentication and an authorization error.
 */
handleAuthentication() {
  const { lock } = this;

  // Successful login: hand the result to setSession, bound to this instance.
  const onAuthenticated = this.setSession.bind(this);

  // Failed authorization: log the error object, show its `error` code to the
  // user, then replace the current history entry with the root route.
  // alert() renders plain text, so err.error is not interpreted as markup.
  const onAuthorizationError = (err) => {
    console.log(err);
    alert(`Error: ${err.error}. Check the console for further details.`);
    history.replace('/');
  };

  lock.on('authenticated', onAuthenticated);
  lock.on('authorization_error', onAuthorizationError);
}
setSession(authResult) {
const scopes = authResult.scope || this.requestedScopes || '';
if (authResult && authResult.accessToken && authResult.idToken) {
// Set the time that the access token will expire at
let expiresAt = JSON.stringify((authResult.expiresIn * 1000) + new Date().getTime());
localStorage.setItem('access_token', authResult.accessToken);
localStorage.setItem('id_token', authResult.idToken);
localStorage.setItem('expires_at', expiresAt);
localStorage.setItem('scopes', JSON.stringify(scopes));
// navigate to the home route
history.replace('/admin');
}