Support remote scope and use id token configuration (#784)

Some IDP requires different scope requests and issue access tokens for different purposes This change allow for remote configurable scopes and the use of ID token
2025-08-09 07:15:15 +02:00 · 2023-04-05 17:46:34 +02:00
parent e903522f8c
commit 32b345991a
11 changed files with 197 additions and 152 deletions
--- a/client/android/login.go
+++ b/client/android/login.go
@ -166,7 +166,7 @@ func (a *Auth) login(urlOpener URLOpener) error {
 		if err != nil {
 			return fmt.Errorf("interactive sso login failed: %v", err)
 		}
-		jwtToken = tokenInfo.AccessToken
+		jwtToken = tokenInfo.GetTokenToUse()
 	}

 	err = a.withBackOff(a.ctx, func() error {
@ -199,12 +199,7 @@ func (a *Auth) foregroundGetTokenInfo(urlOpener URLOpener) (*internal.TokenInfo,
 		}
 	}

-	hostedClient := internal.NewHostedDeviceFlow(
-		providerConfig.ProviderConfig.Audience,
-		providerConfig.ProviderConfig.ClientID,
-		providerConfig.ProviderConfig.TokenEndpoint,
-		providerConfig.ProviderConfig.DeviceAuthEndpoint,
-	)
+	hostedClient := internal.NewHostedDeviceFlow(providerConfig.ProviderConfig)

 	flowInfo, err := hostedClient.RequestDeviceCode(context.TODO())
 	if err != nil {