OpenIdProvider.authorize not adding scopes to request parameters

[mreilaender]

Describe the bug

Scopes provided in the AuthorizationRequest given to openIdProvider.authorize are not included in the resulting URI.

Expected behavior

Expected URI should be

https://login.inrupt.com/authorization?client_id=client-id-from-response&redirect_uri=http://localhost:8080/callback&response_type=code 1&scope=openid%2Cwebid%2Coffline_access

Actual behavior

Actual URI is

https://login.inrupt.com/authorization?client_id=client-id-from-response&redirect_uri=http://localhost:8080/callback&response_type=code 1

How to reproduce?

import java.net.URI

val openIdProvider = OpenIdProvider(URI.create("https://login.inrupt.com"), DPoP.of())

val authRequest = AuthorizationRequest.newBuilder()
  .responseType("code")
  .scope("openid").scope("webid").scope("offline_access")
  .build("<client-id-from-reponse>", URI.create("http://localhost:8080/callback"))

val request = Request.newBuilder()
  .uri(openIdProvider.authorize(authRequest).toCompletableFuture().get())
  .GET()
  .build()

return "redirect:${request.uri()}"

Output of java -version

No response

Maven version

No response

Additional information

No response

[acoburn]

Hello @mreilaender, thank you for this report. I am able to reproduce the issue and I can see that there is an omission in the client library. The fix should be straight-forward. I will update this ticket once I have a sense of the time frame for getting a patch release out.

[acoburn]

This has been fixed and released as part of version 1.1.1