diff --git a/src/components/auth/actions.js b/src/components/auth/actions.js
index 52369a6..4a5b821 100644
--- a/src/components/auth/actions.js
+++ b/src/components/auth/actions.js
@@ -189,6 +189,12 @@ export function clearErrors() {
return setErrors(null);
}
+const KNOWN_SCOPES = [
+ 'minecraft_server_session',
+ 'offline_access',
+ 'account_info',
+ 'account_email',
+];
/**
* @param {object} oauthData
* @param {string} oauthData.clientId
@@ -213,18 +219,27 @@ export function oAuthValidate(oauthData) {
return wrapInLoader((dispatch) =>
oauth.validate(oauthData)
.then((resp) => {
+ const scopes = resp.session.scopes;
+ const invalidScopes = scopes.filter((scope) => !KNOWN_SCOPES.includes(scope));
let prompt = (oauthData.prompt || 'none').split(',').map((item) => item.trim);
+
if (prompt.includes('none')) {
prompt = ['none'];
}
+ if (invalidScopes.length) {
+ logger.error('Got invalid scopes after oauth validation', {
+ invalidScopes
+ });
+ }
+
dispatch(setClient(resp.client));
dispatch(setOAuthRequest({
...resp.oAuth,
prompt: oauthData.prompt || 'none',
loginHint: oauthData.loginHint
}));
- dispatch(setScopes(resp.session.scopes));
+ dispatch(setScopes(scopes));
localStorage.setItem('oauthData', JSON.stringify({ // @see services/authFlow/AuthFlow
timestamp: Date.now(),
payload: oauthData
diff --git a/src/components/auth/permissions/PermissionsBody.js b/src/components/auth/permissions/PermissionsBody.js
index 2f5210d..042adb5 100644
--- a/src/components/auth/permissions/PermissionsBody.js
+++ b/src/components/auth/permissions/PermissionsBody.js
@@ -43,9 +43,18 @@ export default class PermissionsBody extends BaseAuthBody {