From e5a2057382e378ba2d0d95c9dc8cc2f6de845941 Mon Sep 17 00:00:00 2001
From: DacongDA <dacongda1@sina.com>
Date: Thu, 2 Jan 2025 12:53:17 +0800
Subject: [PATCH] feat: fix empty scope bug in RefreshToken API (#3467)

* fix: fix scope will be empty when user not passing scope in refresh api

* fix: promote code format
---
 object/token_oauth.go | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/object/token_oauth.go b/object/token_oauth.go
index 5db0bb4e..d2a5f804 100644
--- a/object/token_oauth.go
+++ b/object/token_oauth.go
@@ -309,22 +309,29 @@ func RefreshToken(grantType string, refreshToken string, scope string, clientId
 		}, nil
 	}
 
+	var oldTokenScope string
 	if application.TokenFormat == "JWT-Standard" {
-		_, err = ParseStandardJwtToken(refreshToken, cert)
+		oldToken, err := ParseStandardJwtToken(refreshToken, cert)
 		if err != nil {
 			return &TokenError{
 				Error:            InvalidGrant,
 				ErrorDescription: fmt.Sprintf("parse refresh token error: %s", err.Error()),
 			}, nil
 		}
+		oldTokenScope = oldToken.Scope
 	} else {
-		_, err = ParseJwtToken(refreshToken, cert)
+		oldToken, err := ParseJwtToken(refreshToken, cert)
 		if err != nil {
 			return &TokenError{
 				Error:            InvalidGrant,
 				ErrorDescription: fmt.Sprintf("parse refresh token error: %s", err.Error()),
 			}, nil
 		}
+		oldTokenScope = oldToken.Scope
+	}
+
+	if scope == "" {
+		scope = oldTokenScope
 	}
 
 	// generate a new token