diff --git a/lib/omniauth/strategies/auth0.rb b/lib/omniauth/strategies/auth0.rb
index c890c17..5e7ee3b 100644
--- a/lib/omniauth/strategies/auth0.rb
+++ b/lib/omniauth/strategies/auth0.rb
@@ -86,7 +86,7 @@ def client
 def authorize_params
 params = super
 parsed_query = Rack::Utils.parse_query(request.query_string)
- %w[connection prompt].each do |key|
+ %w[connection connection_scope prompt].each do |key|
 params[key] = parsed_query[key] if parsed_query.key?(key)
 end
 
@@ -94,7 +94,7 @@ def authorize_params
 params[:nonce] = SecureRandom.hex
 # Generate leeway if none exists
 params[:leeway] = 60 unless params[:leeway]
- 
+
 # Store authorize params in the session for token verification
 session['authorize_params'] = params
 
diff --git a/spec/omniauth/strategies/auth0_spec.rb b/spec/omniauth/strategies/auth0_spec.rb
index bd26406..57a12c0 100644
--- a/spec/omniauth/strategies/auth0_spec.rb
+++ b/spec/omniauth/strategies/auth0_spec.rb
@@ -100,6 +100,15 @@
 expect(redirect_url).not_to have_query('prompt')
 end
 
+ it 'redirects to the hosted login page with connection_scope' do
+ get 'auth/auth0?connection_scope=identity_provider_scope'
+ expect(last_response.status).to eq(302)
+ redirect_url = last_response.headers['Location']
+ expect(redirect_url).to start_with('https://samples.auth0.com/authorize')
+ expect(redirect_url)
+ .to have_query('connection_scope', 'identity_provider_scope')
+ end
+
 it 'redirects to hosted login page with prompt=login' do
 get 'auth/auth0?prompt=login'
 expect(last_response.status).to eq(302)
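Review bot: `connection_scope` is now copied verbatim from the request query string into the authorize parameters, so the scopes requested from the upstream identity provider are chosen by whoever constructs the link to the request phase rather than by the application. If that is not intended, the loop should forward only values the application has configured, and a comment such as `# NOTE: these keys are read from the caller-controlled query string and forwarded to /authorize unvalidated` would make the trust boundary explicit. `Rack::Utils.parse_query` also returns an Array when a key is repeated, so a guard like `next unless parsed_query[key].is_a?(String)` keeps a non-string out of `params` and, as the second hunk shows, out of `session['authorize_params']`. The body of `authorize_params` ends outside this hunk.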
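Review bot: The new example covers only a single well-formed `connection_scope` value. The example ending just above it asserts `not_to have_query('prompt')`; if that example (which starts outside this hunk) does not already do so, adding `expect(redirect_url).not_to have_query('connection_scope')` there would pin that the parameter is absent unless the caller supplies it. A further example for a repeated `connection_scope` key would document how multiple values are handled.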