From 6c5c4cda233751a077a9a06c21d5f23f8e78de1d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?S=C3=A9bastien=20Chopin?=
Date: Tue, 4 Feb 2025 17:39:13 +0100
Subject: [PATCH] fix(microsoft): fix duplicated scopes (#331)
---
 src/runtime/server/lib/oauth/microsoft.ts | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/src/runtime/server/lib/oauth/microsoft.ts b/src/runtime/server/lib/oauth/microsoft.ts
index 2ee9ce67..79f03742 100644
--- a/src/runtime/server/lib/oauth/microsoft.ts
+++ b/src/runtime/server/lib/oauth/microsoft.ts
@@ -77,7 +77,9 @@ export function defineOAuthMicrosoftEventHandler({ config, onSuccess, onError }:
 const redirectURL = config.redirectURL || getOAuthRedirectURL(event)
 if (!query.code) {
- const scope = config.scope && config.scope.length > 0 ? config.scope : ['User.Read']
+ config.scope = config.scope && config.scope.length > 0 ? config.scope : ['User.Read']
+ // guarantee uniqueness of the scope
+ config.scope = [...new Set(config.scope)]
 // Redirect to Microsoft Oauth page
 return sendRedirect(
 event,
@@ -85,7 +87,7 @@ export function defineOAuthMicrosoftEventHandler({ config, onSuccess, onError }:
 client_id: config.clientId,
 response_type: 'code',
 redirect_uri: redirectURL,
- scope: scope.join(' '),
+ scope: config.scope.join(' '),
 ...config.authorizationParams,
 }),
 )
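Review bot: The two added assignments in the `if (!query.code)` branch write the defaulted and de-duplicated array back into `config.scope`, so the handler now mutates the `config` object it was given instead of working on a local. Whether `config` is a fresh per-request copy is not visible in this hunk; if it is the object passed to `defineOAuthMicrosoftEventHandler`, the first request changes it for every later one and the `['User.Read']` default becomes part of the caller's configuration. Keeping the local avoids that: `const scope = [...new Set(config.scope?.length ? config.scope : ['User.Read'])]`, with the second hunk left as `scope: scope.join(' ')`. The enclosing function starts and ends outside both hunks.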