diff --git a/Src/Support/Google.Apis.Auth.Tests/OAuth2/Flows/AuthorizationCodeFlowTests.cs b/Src/Support/Google.Apis.Auth.Tests/OAuth2/Flows/AuthorizationCodeFlowTests.cs index 5c1e7e3421..32bcbcab6d 100644 --- a/Src/Support/Google.Apis.Auth.Tests/OAuth2/Flows/AuthorizationCodeFlowTests.cs +++ b/Src/Support/Google.Apis.Auth.Tests/OAuth2/Flows/AuthorizationCodeFlowTests.cs @@ -181,6 +181,30 @@ public void TestExchangeCodeForTokenAsync() mock.Verify(ds => ds.StoreAsync("uSer", It.IsAny())); } + [Fact] + public void TestExchangeCodeForTokenAsync_NullScopes() + { + var mock = new Mock(); + var handler = new FetchTokenMessageHandler(); + handler.AuthorizationCodeTokenRequest = new AuthorizationCodeTokenRequest() + { + Code = "c0de", + RedirectUri = "redIrect", + Scope = null + }; + MockHttpClientFactory mockFactory = new MockHttpClientFactory(handler); + + TaskCompletionSource tcs = new TaskCompletionSource(); + tcs.SetResult(null); + mock.Setup(ds => ds.StoreAsync("uSer", It.IsAny())).Returns(tcs.Task); + + var flow = CreateFlow(httpClientFactory: mockFactory, scopes: null, dataStore: mock.Object); + var response = flow.ExchangeCodeForTokenAsync("uSer", "c0de", "redIrect", CancellationToken.None).Result; + SubtestTokenResponse(response); + + mock.Verify(ds => ds.StoreAsync("uSer", It.IsAny())); + } + [Fact] public void TestRefreshTokenAsync() { diff --git a/Src/Support/Google.Apis.Auth/OAuth2/Flows/AuthorizationCodeFlow.cs b/Src/Support/Google.Apis.Auth/OAuth2/Flows/AuthorizationCodeFlow.cs index 64b01cdcef..60ec6d07b0 100644 --- a/Src/Support/Google.Apis.Auth/OAuth2/Flows/AuthorizationCodeFlow.cs +++ b/Src/Support/Google.Apis.Auth/OAuth2/Flows/AuthorizationCodeFlow.cs @@ -242,7 +242,7 @@ public async Task ExchangeCodeForTokenAsync(string userId, string { var authorizationCodeTokenReq = new AuthorizationCodeTokenRequest { - Scope = string.Join(" ", Scopes), + Scope = Scopes == null ? null : string.Join(" ", Scopes), RedirectUri = redirectUri, Code = code, };