v1.70 has a typo in the generate_url at line 216
Closed this issue · 1 comments
within line 216 the complex URL that is built has an odd format that made me look at the HTTP decoded text.
scope=%2009852200-05fd-41f6-8c21-d36d3497dc64%20openid&
http decoded is:
scope= 09852200-05fd-41f6-8c21-d36d3497dc64 openid&
notice the spaces between the key and value? My best guess is this is a typo, as the scope value in fordpass_new.py at line 151 is:
scope=openid&
My mistake, spaces are part of the spec:
https://auth0.com/docs/get-started/apis/scopes/openid-connect-scopes
The basic (and required) scope for OIDC is openid, which indicates that an application intends to use the OIDC protocol to verify a user's identity. Beyond that, an application can ask for additional scopes by listing the requested scope names in the scope parameter, separated by spaces.