fix(dashboard): fix microsoft scope checking

CraigChat · Dec 28, 2023 · 493af72 · 493af72
1 parent b1e9f21
commit 493af72
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/apps/dashboard/pages/api/microsoft/oauth.ts b/apps/dashboard/pages/api/microsoft/oauth.ts
@@ -46,7 +46,8 @@ export default async (req: NextApiRequest, res: NextApiResponse) => {
     return res.redirect(`/?error=${encodeURIComponent('Could not get an access token, please sign in again.')}&from=microsoft`);
   if (!response.refresh_token || typeof response.refresh_token !== 'string')
     return res.redirect(`/?error=${encodeURIComponent('Could not get a refresh token, please sign in again.')}&from=microsoft`);
-  if (response.scope !== scopes.filter((s) => s !== 'offline_access').join(' ')) return res.redirect(`/?error=invalid_scope&from=microsoft`);
+  const scopesRecieved = response.scope.split(' ');
+  if (scopes.find((s) => s !== 'offline_access' && !scopesRecieved.includes(s))) return res.redirect(`/?error=invalid_scope&from=microsoft`);
 
   const me: MicrosoftUser = await fetch('https://graph.microsoft.com/v1.0/me', {
     headers: { Authorization: `${response.token_type} ${response.access_token}` }