Skip to content

Commit

Permalink
Merge branch '1440-fix-msoft-refresh-token' into HEAD
Browse files Browse the repository at this point in the history
* 1440-fix-msoft-refresh-token:
  dexidp#1440 Add offline_access scope, if required
  • Loading branch information
maksd committed May 30, 2019
2 parents 60f47c4 + b189d07 commit a46eeed
Showing 1 changed file with 7 additions and 0 deletions.
7 changes: 7 additions & 0 deletions connector/microsoft/microsoft.go
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,9 @@ const (
// Microsoft requires this scope to list groups the user is a member of
// and resolve their UUIDs to groups names.
scopeGroups = "directory.read.all"
// Microsoft requires this scope to return a refresh token
// see https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-permissions-and-consent#offline_access
scopeOfflineAccess = "offline_access"
)

// Config holds configuration options for microsoft logins.
Expand Down Expand Up @@ -92,6 +95,10 @@ func (c *microsoftConnector) oauth2Config(scopes connector.Scopes) *oauth2.Confi
microsoftScopes = append(microsoftScopes, scopeGroups)
}

if scopes.OfflineAccess {
microsoftScopes = append(microsoftScopes, scopeOfflineAccess)
}

return &oauth2.Config{
ClientID: c.clientID,
ClientSecret: c.clientSecret,
Expand Down

0 comments on commit a46eeed

Please sign in to comment.