From e4060eec791064b2e8da0dd7a1c9568f2b41d9c1 Mon Sep 17 00:00:00 2001
From: Xiao Yijun <xiaoyijun@silverhand.io>
Date: Wed, 14 May 2025 11:16:29 +0800
Subject: [PATCH 1/2] feat(auth): support custom scope in authorization
 requests

---
 src/client/auth.ts | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/src/client/auth.ts b/src/client/auth.ts
index b170cefc..db8cdf5c 100644
--- a/src/client/auth.ts
+++ b/src/client/auth.ts
@@ -84,7 +84,14 @@ export class UnauthorizedError extends Error {
  */
 export async function auth(
   provider: OAuthClientProvider,
-  { serverUrl, authorizationCode }: { serverUrl: string | URL, authorizationCode?: string }): Promise<AuthResult> {
+  { serverUrl,
+    authorizationCode,
+    scope,
+  }: {
+    serverUrl: string | URL;
+    authorizationCode?: string;
+    scope?: string;
+  }): Promise<AuthResult> {
   const metadata = await discoverOAuthMetadata(serverUrl);
 
   // Handle client registration if needed
@@ -146,7 +153,7 @@ export async function auth(
     metadata,
     clientInformation,
     redirectUrl: provider.redirectUrl,
-    scope: provider.clientMetadata.scope
+    scope,
   });
 
   await provider.saveCodeVerifier(codeVerifier);

From d5ecf47e7ad1e0eb4fee0d6f1f20c811dbf016bd Mon Sep 17 00:00:00 2001
From: Xiao Yijun <xiaoyijun@silverhand.io>
Date: Wed, 14 May 2025 19:45:05 +0800
Subject: [PATCH 2/2] fix(auth): default to provider's scope if not provided

---
 src/client/auth.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/client/auth.ts b/src/client/auth.ts
index db8cdf5c..e4941576 100644
--- a/src/client/auth.ts
+++ b/src/client/auth.ts
@@ -153,7 +153,7 @@ export async function auth(
     metadata,
     clientInformation,
     redirectUrl: provider.redirectUrl,
-    scope,
+    scope: scope || provider.clientMetadata.scope,
   });
 
   await provider.saveCodeVerifier(codeVerifier);