From afdd475d8c43a7857136a7b24d40f931b78fda39 Mon Sep 17 00:00:00 2001
From: Tal Borenstein <tal@keephq.dev>
Date: Mon, 18 Mar 2024 13:31:02 +0200
Subject: [PATCH] fix(api): validate oauth provider scopes

---
 keep/api/routes/providers.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/keep/api/routes/providers.py b/keep/api/routes/providers.py
index 00e5852ed..a1fbf66a0 100644
--- a/keep/api/routes/providers.py
+++ b/keep/api/routes/providers.py
@@ -628,6 +628,8 @@ async def install_provider_oauth2(
             context_manager, provider_unique_id, provider_type, provider_config
         )
 
+        validated_scopes = validate_scopes(provider)
+
         secret_manager = SecretManagerFactory.get_secret_manager(context_manager)
         secret_name = f"{tenant_id}_{provider_type}_{provider_unique_id}"
         secret_manager.write_secret(
@@ -643,6 +645,7 @@ async def install_provider_oauth2(
             installed_by=installed_by,
             installation_time=time.time(),
             configuration_key=secret_name,
+            validatedScopes=validated_scopes,
         )
         session.add(provider)
         session.commit()