diff options
| author | Andrew Arnott <andrewarnott@gmail.com> | 2012-10-30 22:00:35 -0700 |
|---|---|---|
| committer | Andrew Arnott <andrewarnott@gmail.com> | 2012-10-30 22:00:35 -0700 |
| commit | fa0da3ffda98965e984d81564debd8bd4ee26961 (patch) | |
| tree | b8774d6114a6c62cb808cd989946ff6da1f9a8da /src/DotNetOpenAuth.OAuth2.Client/OAuth2 | |
| parent | 07c0de18759d4e290435986ad7efd8cc114439b4 (diff) | |
| download | DotNetOpenAuth-fa0da3ffda98965e984d81564debd8bd4ee26961.zip DotNetOpenAuth-fa0da3ffda98965e984d81564debd8bd4ee26961.tar.gz DotNetOpenAuth-fa0da3ffda98965e984d81564debd8bd4ee26961.tar.bz2 | |
Authorization servers can override the granted scopes for all grant types.
This change adds the ability for authorization servers to override the granted scopes of client credential and resource owner password grant types.
Fixes #225
Diffstat (limited to 'src/DotNetOpenAuth.OAuth2.Client/OAuth2')
| -rw-r--r-- | src/DotNetOpenAuth.OAuth2.Client/OAuth2/ClientBase.cs | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ClientBase.cs b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ClientBase.cs index c983f8c..869afe8 100644 --- a/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ClientBase.cs +++ b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ClientBase.cs @@ -372,6 +372,7 @@ namespace DotNetOpenAuth.OAuth2 { var failure = response as AccessTokenFailedResponse; ErrorUtilities.VerifyProtocol(success != null || failure != null, MessagingStrings.UnexpectedMessageReceivedOfMany); if (success != null) { + authorizationState.Scope.Clear(); // clear the scope we requested so that the response will repopulate it. UpdateAuthorizationWithResponse(authorizationState, success); } else { // failure Logger.OAuth.Info("Credentials rejected by the Authorization Server."); |