
consent 권한 목록에서 offline_access 표시

2026-06-17 09:57:42 +09:00
parent 62d8563836
commit 95ac26734a
2 changed files with 9 additions and 9 deletions


@@ -1,11 +1,11 @@
bool isRefreshTokenScopeAlias(String scope) { bool isOfflineScopeAlias(String scope) {
final normalized = scope.trim().toLowerCase(); final normalized = scope.trim().toLowerCase();
return normalized == 'offline' || normalized == 'offline_access'; return normalized == 'offline';
} }
List<String> filterConsentScopes(Iterable<String> scopes) { List<String> filterConsentScopes(Iterable<String> scopes) {
return scopes return scopes
.map((scope) => scope.trim()) .map((scope) => scope.trim())
.where((scope) => scope.isNotEmpty && !isRefreshTokenScopeAlias(scope)) .where((scope) => scope.isNotEmpty && !isOfflineScopeAlias(scope))
.toList(growable: false); .toList(growable: false);
} }
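Review bot: `filterConsentScopes` still removes `offline` from the list shown on the consent screen, so a client that requests that scope has it hidden from the user. The previous name `isRefreshTokenScopeAlias` suggests `offline` also leads to a refresh token; if the authorization server still honours it (not visible in this diff), the consent list under-reports a long-lived grant. Either map `offline` to the same displayed entry as `offline_access`, or document on `isOfflineScopeAlias` why hiding it is safe, for example `/// Whether [scope] is the bare offline alias; hidden from consent because <reason to be confirmed>.`. It is also worth confirming that this filter feeds only the display and not the set of scopes that is actually granted.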


@@ -3,7 +3,7 @@ import 'package:userfront/features/auth/domain/consent_scope_policy.dart';
void main() { void main() {
group('consent scope policy', () { group('consent scope policy', () {
test('filters offline scope aliases from requested consent scopes', () { test('keeps offline_access visible and filters only offline', () {
expect( expect(
filterConsentScopes([ filterConsentScopes([
'openid', 'openid',
@@ -12,14 +12,14 @@ void main() {
'offline_access', 'offline_access',
'email', 'email',
]), ]),
['openid', 'profile', 'email'], ['openid', 'profile', 'offline_access', 'email'],
); );
}); });
test('detects refresh token scope aliases case-insensitively', () { test('detects offline scope alias case-insensitively', () {
expect(isRefreshTokenScopeAlias('OFFLINE'), isTrue); expect(isOfflineScopeAlias('OFFLINE'), isTrue);
expect(isRefreshTokenScopeAlias(' offline_access '), isTrue); expect(isOfflineScopeAlias(' offline_access '), isFalse);
expect(isRefreshTokenScopeAlias('profile'), isFalse); expect(isOfflineScopeAlias('profile'), isFalse);
}); });
}); });
} }
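Review bot: The filter test does not visibly cover padded or mixed-case scopes passing through `filterConsentScopes`; the trim and case handling is asserted only on `isOfflineScopeAlias`. The input lines between the two hunks are not shown, so this may already be covered there. If not, a case such as `expect(filterConsentScopes([' OFFLINE ', 'Offline_Access']), ['Offline_Access']);` would pin that `offline` is dropped in any casing while `offline_access` stays visible on the consent list.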