Pass the scope from the token, not application

There are at times when a token's scope could be attenuated for whatever reason from the full scope allowed to the application. In those instances, it is necessary to use the token's scope rather than the full scope.
author: Frederick Muriuki Muriithi 2024-10-09 16:06:06 -0500
committer: Frederick Muriuki Muriithi 2024-10-09 16:10:57 -0500
commit: de0a270f31f4527f94b55872a0db7afd82e4f002 (patch)
tree: 325e0203b8daf23a1e70425eabd3fa7b810b91fa /gn2/wqflask/oauth2
parent: f75ea839c34e73c916c30b6857611cfc618940dd (diff)
download: genenetwork2-de0a270f31f4527f94b55872a0db7afd82e4f002.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/gn2/wqflask/oauth2/client.py b/gn2/wqflask/oauth2/client.py
index a7d20f6b..3ee1c36f 100644
--- a/gn2/wqflask/oauth2/client.py
+++ b/gn2/wqflask/oauth2/client.py
@@ -152,7 +152,7 @@ def oauth2_client():
         client = OAuth2Session(
             oauth2_clientid(),
             oauth2_clientsecret(),
-            scope=SCOPE,
+            scope=token["scope"],
             token_endpoint=urljoin(authserver_uri(), "auth/token"),
             token_endpoint_auth_method="client_secret_post",
             token=token,
author	Frederick Muriuki Muriithi	2024-10-09 16:06:06 -0500
committer	Frederick Muriuki Muriithi	2024-10-09 16:10:57 -0500
commit	de0a270f31f4527f94b55872a0db7afd82e4f002 (patch)
tree	325e0203b8daf23a1e70425eabd3fa7b810b91fa /gn2/wqflask/oauth2
parent	f75ea839c34e73c916c30b6857611cfc618940dd (diff)
download	genenetwork2-de0a270f31f4527f94b55872a0db7afd82e4f002.tar.gz