mirror of
https://github.com/appwrite/appwrite
synced 2026-05-24 09:28:40 +00:00
d9c606a1c2
The Yahoo OAuth provider was using deprecated Social Directory API scopes
('sdct-r' and 'sdpp-w') which are no longer valid and causing authentication
failures with the error: invalid_scope
Changes:
- Replace deprecated scopes 'sdct-r' (Social Directory Contacts Read) and
'sdpp-w' (Social Directory Profile Write) with standard OIDC scopes
- Add 'openid' scope for OpenID Connect authentication
- Add 'profile' scope for basic profile information
- Add 'email' scope for email address access
These new scopes align with Yahoo's OpenID Connect implementation and are
listed in their discovery document at:
https://api.login.yahoo.com/.well-known/openid-configuration
The Yahoo adapter already uses the OIDC userinfo endpoint
(https://api.login.yahoo.com/openid/v1/userinfo), so these scopes are the
correct choice for authentication.
Custom scopes passed via the API are still supported and will be merged
with these defaults via the base OAuth2 class constructor.
Fixes: Yahoo OAuth authentication returning 'invalid_scope' error
|
||
|---|---|---|
| .. | ||
| MFA | ||
| OAuth2 | ||
| Validator | ||
| Key.php | ||
| OAuth2.php | ||
| Phrase.php | ||