Added OIDC scope management (#1049)

* added OIDC scope management * Remove errant code comment
2025-12-22 19:23:45 +00:00 · 2020-12-18 11:07:31 -05:00
parent 97ba472606
commit fd293dd183
2 changed files with 65 additions and 0 deletions
--- a/bitwarden_license/src/Sso/Utilities/DynamicAuthenticationSchemeProvider.cs
+++ b/bitwarden_license/src/Sso/Utilities/DynamicAuthenticationSchemeProvider.cs
@@ -318,6 +318,18 @@ namespace Bit.Core.Business.Sso
                AuthenticationMethod = config.RedirectBehavior,
                GetClaimsFromUserInfoEndpoint = config.GetClaimsFromUserInfoEndpoint,
            };
+            if (!oidcOptions.Scope.Contains(OpenIdConnectScopes.OpenId))
+            {
+                oidcOptions.Scope.Add(OpenIdConnectScopes.OpenId);
+            }
+            if (!oidcOptions.Scope.Contains(OpenIdConnectScopes.Email))
+            {
+                oidcOptions.Scope.Add(OpenIdConnectScopes.Email);
+            }
+            if (!oidcOptions.Scope.Contains(OpenIdConnectScopes.Profile))
+            {
+                oidcOptions.Scope.Add(OpenIdConnectScopes.Profile);
+            }

            return new DynamicAuthenticationScheme(name, name, typeof(OpenIdConnectHandler),
                oidcOptions, SsoType.OpenIdConnect);