microsoft-graph-toolkit
microsoft-graph-toolkit copied to clipboard
microsoftgraph
Improve Scope casing for simple provider
Proposal: Improve Scope casing for simple provider
Description
Scopes in Microsoft's Oauth are case insensitive - however when the token is returned they are always given in PascalCase - the simple provider requests them in lowercase
Rationale
As mentioned - there is no difference between "User.Read.All" and "user.read.all" in terms of the actual endpoints but all the documentation and the tokens themselves seem to prefer the Pascal Case version
Preferred Solution
Switch to pascal case for the method that is run in the simpleProvider
Hello RobPethick, thank you for opening an issue with us!
I have automatically added a "needs triage" label to help get things started. Our team will analyze and investigate the issue, and escalate it to the relevant team if possible. Other community members may also look into the issue and provide feedback 🙌
It did initially within my simple provider as when I checked the scopes I currently had in my cached token against the scopes requested here they didn't match - obviously a .toLowerCase() fixed it. But it seems to me that it would be better for this to match the scopes returned in the decoded JWT token
That makes sense. The reason you see lowercase scopes emitted by the toolkit is because we used all lower case letters across the project. Not for any specific reason, it just is.
I think the work for this issue would be to create a construct/enum to manage scope strings so we don't hardcode them everywhere. We would then need to update each of our Graph calls to use the scope enums instead of hardcoding them. This creates an obvious place to put the scope values with comments on the preferred format.
At the moment, this is not something we're likely to prioritize. That being said, the Graph Toolkit is an open source project and we'll be happy to support and review if you want to contribute to its codebase! In the meantime, we will be closing this issue. Thanks!
