OKTA-472125: use scope defined in config on renew (#87)

CHANGELOG.md

@@ -1,6 +1,23 @@
 # Changelog
 Running changelog of releases since `1.0.0-beta01`
 
+## v3.0.2
+
+### Fixes
+
+- Use scope from configuration on OidcClient.RenewAsync.
+
+##v3.0.1
+
+### Fixes
+
+- iOS - Ensure CloseBrowser is called on main thread on SignOutComplete
+- OktaStateManager.IsAuthenticated - only checks for presence of AccessToken
+- OktaStateManager.IsAccessTokenExpired - added
+
+### New Contributors
+* @kensykora made their first contribution in https://github.com/okta/okta-oidc-xamarin/pull/73
+
 ## v3.0.0
 
 Update/correct handling of authorization server Id.  Conveniences added and internal structure changes made to support future additions and extensions.

Okta.Xamarin/Okta.Xamarin.Android/Okta.Xamarin.Android.nuspec

@@ -2,7 +2,7 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2013/05/nuspec.xsd">
   <metadata>
     <id>Okta.Xamarin.Android</id>
-    <version>3.0.1</version>
+    <version>3.0.2</version>
     <authors>Okta, Inc.</authors>
     <owners>Okta, Inc.</owners>
     <requireLicenseAcceptance>false</requireLicenseAcceptance>

Okta.Xamarin/Okta.Xamarin.iOS/Okta.Xamarin.iOS.nuspec

@@ -2,7 +2,7 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2013/05/nuspec.xsd">
   <metadata>
     <id>Okta.Xamarin.iOS</id>
-    <version>3.0.1</version>
+    <version>3.0.2</version>
     <authors>Okta, Inc.</authors>
     <owners>Okta, Inc.</owners>
     <requireLicenseAcceptance>false</requireLicenseAcceptance>

Okta.Xamarin/Okta.Xamarin/OidcClient.cs

@@ -240,7 +240,7 @@ public async Task<ClaimsPrincipal> GetClaimsPincipalAsync(string accessToken)
         /// </summary>
         /// <typeparam name="T">The type to deserialize the response as.</typeparam>
         /// <param name="refreshToken">The refresh token</param>
-        /// <param name="refreshIdToken">A value indicating whether the id token should be refreshed.</param>
+        /// <param name="refreshIdToken">A value indicating whether the id token should be refreshed.  Argument is ignored if Config.Scope is defined.</param>
         /// <param name="authorizationServerId">The authorization server id.</param>
         /// <returns>T.</returns>
         public async Task<T> RenewAsync<T>(string refreshToken, bool refreshIdToken = false)
@@ -252,10 +252,14 @@ public async Task<T> RenewAsync<T>(string refreshToken, bool refreshIdToken = fa
         protected async Task<string> GetRenewJsonAsync(string refreshToken, bool refreshIdToken = false)
         {
             // for details see: https://developer.okta.com/docs/guides/refresh-tokens/use-refresh-token/
-            string scope = "offline_access";
-            if (refreshIdToken)
+            string scope = this.Config.Scope;
+            if (string.IsNullOrEmpty(scope))
             {
-                scope += " openid";
+                scope = "offline_access";
+                if (refreshIdToken)
+                {
+                    scope += " openid";
+                }
             }
 
             return await PerformAuthorizationServerRequestAsync(HttpMethod.Post, $"/token?client_id={Config.ClientId}", new Dictionary<string, string>(), new Dictionary<string, string>()

Okta.Xamarin/Okta.Xamarin/Okta.Xamarin.csproj

@@ -5,7 +5,7 @@
     <Company>Okta</Company>
     <Authors>Okta, Inc.</Authors>
     <GeneratePackageOnBuild>false</GeneratePackageOnBuild>
-    <Version>3.0.1</Version>
+    <Version>3.0.2</Version>
     <PackageTags>okta,token,authentication,authorization</PackageTags>
     <RepositoryUrl>https://github.com/okta/okta-oidc-xamarin/</RepositoryUrl>
     <PackageProjectUrl>https://github.com/okta/okta-oidc-xamarin/</PackageProjectUrl>

Okta.Xamarin/Okta.Xamarin/Okta.Xamarin.nuspec

@@ -2,7 +2,7 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2013/05/nuspec.xsd">
   <metadata>
     <id>Okta.Xamarin</id>
-    <version>3.0.1</version>
+    <version>3.0.2</version>
     <authors>Okta, Inc.</authors>
     <owners>Okta, Inc.</owners>
     <requireLicenseAcceptance>false</requireLicenseAcceptance>

Okta.Xamarin/Tests/Okta.Xamarin.Test/OidcClientShould.cs

@@ -3,6 +3,7 @@
 // Licensed under the Apache 2.0 license. See the LICENSE file in the project root for full license information.
 // </copyright>
 
+using Newtonsoft.Json;
 using System;
 using System.Collections.Generic;
 using System.Net.Http;
@@ -519,5 +520,37 @@ public void RaiseAuthCodeTokenExchangeExceptionThrownEvent()
             Assert.True(requestReceived);
             Assert.True(eventWasRaised);
         }
+
+        [Fact]
+        public void UseScopeFromConfigOnRenew()
+        {
+            string testClientId = "test client id";
+            string guid = System.Guid.NewGuid().ToString();
+            string testScope = $"test scope {guid}";
+            RenewResponse testRenewResponse = new RenewResponse { Scope = testScope };
+
+            OktaConfig testConfig = new OktaConfig
+            {
+                OktaDomain = "https://fake.cxm/",
+                RedirectUri = "https://fake.cxm/redirect",
+                PostLogoutRedirectUri = "https://fake.cxm/logoutRedirect",
+                ClientId = testClientId,
+                Scope = testScope,
+            };
+
+            bool? requestReceived = false;
+            HttpMessageHandlerMock mockHttpMessageHandler = new HttpMessageHandlerMock();
+            mockHttpMessageHandler.GetTestResponse = (request, cancellationToken) =>
+            {
+                string content = request.Content.ReadAsStringAsync().Result;
+                Assert.True(content.Equals($"grant_type=refresh_token&redirect_uri=https%3A%2F%2Ffake.cxm%2Fredirect&scope=test+scope+{guid}&refresh_token=test+refresh+token"));
+                requestReceived = true;
+                return new HttpResponseMessage() { StatusCode = System.Net.HttpStatusCode.OK, Content = new StringContent(JsonConvert.SerializeObject(testRenewResponse)) };
+            };
+            TestOidcClient testOidcClient = new TestOidcClient(testConfig);
+            testOidcClient.SetMockHttpMessageHandler(mockHttpMessageHandler);
+            testOidcClient.RenewAsync<RenewResponse>("test refresh token").Wait();
+            Assert.True(requestReceived);
+        }
     }
 }