try to read aad2 scopes from environment variables (#1197)

Co-authored-by: Viacheslav Lepshin <[email protected]>
Huachao · May 10, 2024 · d8cb63c · d8cb63c
1 parent 6692a27
commit d8cb63c
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/README.md b/README.md
@@ -579,7 +579,7 @@ System variables provide a pre-defined set of variables that can be used in any
 
   `appOnly`: Optional. Specify `appOnly` to use make to use a client credentials flow to obtain a token. `aadV2ClientSecret` and `aadV2AppUri`must be provided as REST Client environment variables. `aadV2ClientId`, `aadV2TenantId` and `aadV2Cloud` may also be optionally provided via the environment. `aadV2ClientId` in environment will only be used for `appOnly` calls.
 
-  `scopes:<scope[,]>`: Optional. Comma delimited list of scopes that must have consent to allow the call to be successful. Not applicable for `appOnly` calls.
+  `scopes:<scope[,]>`: Optional. Comma delimited list of scopes that must have consent to allow the call to be successful. Not applicable for `appOnly` calls. `aadV2Scopes` may optionally be provided via the environment.
 
   `tenantId:<domain|tenantId>`: Optional. Domain or tenant id for the tenant to sign in to. (`common` to determine tenant from sign in).
 

diff --git a/src/utils/aadV2TokenProvider.ts b/src/utils/aadV2TokenProvider.ts
@@ -207,7 +207,7 @@ class AuthParameters {
         authParameters.cloud = (await authParameters.readEnvironmentVariable("aadV2Cloud")) || authParameters.cloud;
         authParameters.tenantId = (await authParameters.readEnvironmentVariable("aadV2TenantId")) || authParameters.tenantId;
 
-        let scopes = "openid,profile";
+        let scopes = (await authParameters.readEnvironmentVariable("aadV2Scopes")) || "openid,profile";
         let explicitClientId: string | undefined = undefined;
         // Parse variable parameters
         const groups = authParameters.aadV2TokenRegex.exec(name);