Setting up a hook that 1- add scopes 2- return only requested scopes
module.exports = function(client, scope, audience, context, cb) {
var access_token = {};
access_token.scope = scope;
//grouping the app ids
const app_group1= ["id1", "id2", "id3"];
//condition - if incoming client id is inthe app_group1 id
if (app_group1.some(app => app === client.id)) {
//add scopes
access_token.scope.push('a', 'b', 'c');
}
// return only the intersection with those scopes
// that were originally granted (the scope parameter)
access_token.scope = requestedScopes.filter(x => scope.indexOf(x) !== -1);
// restrict scopes to those requested by the application
var requestedScopes = (context.body.scope || "").split(' ');
cb(null, access_token);
};
However above hook returns error, not sure what I’m doing wrong.
Any help would be appreciated!
(P.S I leveraged Nicolas’ script for returning requested scopes in here: Client credentials request ignores scope parameter? - #2 by nicolas_sabena )