Merge pull request #37 from auth0/bugfix-scope-overriden

Fix scope being overriden during WebAuth
auth0 · Nov 22, 2016 · cd14165 · cd14165
2 parents f481534 + b4a173a
commit cd14165
Show file tree

Hide file tree

Showing 2 changed files with 20 additions and 6 deletions.
diff --git a/auth0/src/main/java/com/auth0/android/provider/WebAuthProvider.java b/auth0/src/main/java/com/auth0/android/provider/WebAuthProvider.java
@@ -118,7 +118,7 @@ public static class Builder {
             this.useCodeGrant = true;
             this.parameters = new HashMap<>();
             this.state = UUID.randomUUID().toString();
-            this.scope = SCOPE_TYPE_OPENID;
+            this.scope = null;
         }
 
         /**
@@ -439,10 +439,8 @@ private Uri buildAuthorizeUri() {
         if (account.getTelemetry() != null) {
             queryParameters.put(KEY_TELEMETRY, account.getTelemetry().getValue());
         }
-        if (scope != null) {
-            queryParameters.put(KEY_SCOPE, scope);
-        }
 
+        queryParameters.put(KEY_SCOPE, getScope());
         queryParameters.put(KEY_STATE, state);
         queryParameters.put(KEY_CONNECTION, connectionName);
         queryParameters.put(KEY_CLIENT_ID, account.getClientId());
@@ -481,7 +479,10 @@ String getState() {
     }
 
     String getScope() {
-        return scope;
+        if (this.scope != null) {
+            return this.scope;
+        }
+        return this.parameters.get(KEY_SCOPE) != null ? (String) this.parameters.get(KEY_SCOPE) : SCOPE_TYPE_OPENID;
     }
 
     String getConnectionScope() {

diff --git a/auth0/src/test/java/com/auth0/android/provider/WebAuthProviderTest.java b/auth0/src/test/java/com/auth0/android/provider/WebAuthProviderTest.java
@@ -10,6 +10,7 @@
 
 import com.auth0.android.Auth0;
 import com.auth0.android.authentication.AuthenticationException;
+import com.auth0.android.authentication.ParameterBuilder;
 import com.auth0.android.result.Credentials;
 
 import org.hamcrest.Matchers;
@@ -25,6 +26,7 @@
 import org.mockito.stubbing.Answer;
 import org.robolectric.Robolectric;
 import org.robolectric.RobolectricGradleTestRunner;
+import org.robolectric.RobolectricTestRunner;
 import org.robolectric.annotation.Config;
 
 import java.util.HashMap;
@@ -57,7 +59,7 @@
 import static org.mockito.Mockito.verifyNoMoreInteractions;
 import static org.mockito.Mockito.when;
 
-@RunWith(RobolectricGradleTestRunner.class)
+@RunWith(RobolectricTestRunner.class)
 @Config(constants = com.auth0.android.auth0.BuildConfig.class, sdk = 18, manifest = Config.NONE)
 public class WebAuthProviderTest {
 
@@ -146,6 +148,17 @@ public void shouldHaveDefaultScope() throws Exception {
         assertThat(instance.getScope(), is(SCOPE_OPEN_ID));
     }
 
+    @Test
+    public void shouldNotOverrideScopeValue() throws Exception {
+        Map<String, Object> parameters = ParameterBuilder.newBuilder().setScope("openid email picture").asDictionary();
+        WebAuthProvider.init(account)
+                .withParameters(parameters)
+                .start(activity, callback);
+
+        final WebAuthProvider instance = WebAuthProvider.getInstance();
+        assertThat(instance.getScope(), is("openid email picture"));
+    }
+
     @Test
     public void shouldCallStartWithRequestCode() throws Exception {
         WebAuthProvider.init(account)