Cannot request additional scopes when using the account console #35060

@pedroigor

Before reporting an issue

  • I have read and understood the above terms for submitting issues, and I understand that my issue may be closed without action if I do not follow them.

Area

account/api

Describe the bug

Trying to request additional scopes when authenticating to the account console does not grant the requested scopes. This is a regression introduced by #32686.

After the user is successfully authenticated and redirected back to the account console for the very first time, the user is redirected back to the server because it is the first time accessing the account console. At this point, the authorization request does not contain any scope parameter, and the scopes previously requested are ignored.

[1] #32686

Version

999-SNAPSHOT

Regression

  • The issue is a regression

Expected behavior

Any scope requested when changing the scope parameter when at the login page needs to be granted.

Actual behavior

Any scope requested when changing the scope parameter at the login page is not granted.

How to Reproduce?

  • Reach the account console at http://localhost:8180/realms/{realm}/account/
  • At the login page, add/set the scope parameter to phone to request this scope
  • Authenticate
  • Check if the token issued by the server holds the phone scope

Anything else?

No response
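
The last reproduction step (checking whether the issued token holds the requested scope) can be scripted. The following is an added example, not part of the original issue or the Keycloak code base: it compares the `scope` parameter of the captured authorization requests with the `scope` claim of the access token. The realm name `demo`, the sample request URLs and the unsigned sample token are constructed, and the token's `scope` claim is assumed to be space-delimited.

```javascript
// Decode a JWT payload for inspection only; the signature is NOT verified here.
function decodeJwtPayload(token) {
  const parts = token.split(".");
  if (parts.length !== 3) throw new Error("not a compact JWT");
  const b64 = parts[1].replace(/-/g, "+").replace(/_/g, "/");
  return JSON.parse(Buffer.from(b64, "base64").toString("utf8"));
}

// Split a space-delimited OAuth scope string into a Set.
function scopeSet(value) {
  return new Set((value || "").split(/\s+/).filter(Boolean));
}

// Scopes carried by the `scope` query parameter of an authorization request.
function requestedScopes(authUrl) {
  return scopeSet(new URL(authUrl).searchParams.get("scope"));
}

// Scopes present on the first request but absent from the follow-up request.
function droppedBetween(firstUrl, secondUrl) {
  const later = requestedScopes(secondUrl);
  return [...requestedScopes(firstUrl)].filter((s) => !later.has(s));
}

// Requested scopes missing from the token's `scope` claim (assumed space-delimited).
function missingScopes(authUrl, accessToken) {
  const granted = scopeSet(decodeJwtPayload(accessToken).scope);
  return [...requestedScopes(authUrl)].filter((s) => !granted.has(s));
}

// Constructed, unsigned sample token so the example runs offline.
function sampleToken(scope) {
  const enc = (o) => Buffer.from(JSON.stringify(o)).toString("base64")
    .replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
  return `${enc({ alg: "none", typ: "JWT" })}.${enc({ scope })}.constructed`;
}

// Constructed sample requests; realm "demo" and the parameter values are assumptions.
const AUTH = "http://localhost:8180/realms/demo/protocol/openid-connect/auth";
const FIRST_REQUEST = `${AUTH}?client_id=account-console&response_type=code&scope=openid+phone`;
const SECOND_REQUEST = `${AUTH}?client_id=account-console&response_type=code`;

console.log("dropped on second request:", droppedBetween(FIRST_REQUEST, SECOND_REQUEST));
console.log("missing from token:", missingScopes(FIRST_REQUEST, sampleToken("openid profile email")));
```

A non-empty result from `missingScopes` for a real token reproduces the behavior reported above; an empty array means every requested scope was granted.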
