From 1c7a2c48b83a19272007a567fff05572ad496382 Mon Sep 17 00:00:00 2001 From: Hsiaoming Yang Date: Wed, 6 Apr 2022 17:31:20 +0900 Subject: [PATCH] Allow openid scope anywhere Fixes https://github.com/lepture/authlib/issues/449 --- authlib/integrations/base_client/sync_app.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/authlib/integrations/base_client/sync_app.py b/authlib/integrations/base_client/sync_app.py index 38f5df84..3716c0dd 100644 --- a/authlib/integrations/base_client/sync_app.py +++ b/authlib/integrations/base_client/sync_app.py @@ -254,7 +254,7 @@ def _create_oauth2_authorization_url(client, authorization_endpoint, **kwargs): log.debug('Using code_verifier: {!r}'.format(code_verifier)) scope = kwargs.get('scope', client.scope) - if scope and scope.startswith('openid'): + if scope and 'openid' in scope.split(): # this is an OpenID Connect service nonce = kwargs.get('nonce') if not nonce: