From 4704137782ca34360482f93df9e0ad3000ab69a9 Mon Sep 17 00:00:00 2001
From: Evan Sims <evan.sims@okta.com>
Date: Mon, 24 Oct 2022 12:40:10 -0500
Subject: [PATCH] fix: Restore previous behavior of
 SdkConfiguration::setScope() being nullable

---
 src/Configuration/SdkConfiguration.php        | 14 +++++-----
 .../Configuration/SdkConfigurationTest.php    | 26 +++++++++++++++++++
 2 files changed, 33 insertions(+), 7 deletions(-)

diff --git a/src/Configuration/SdkConfiguration.php b/src/Configuration/SdkConfiguration.php
index 241f7b86..a128f77d 100644
--- a/src/Configuration/SdkConfiguration.php
+++ b/src/Configuration/SdkConfiguration.php
@@ -52,7 +52,7 @@ final class SdkConfiguration implements ConfigurableContract
      * @param array<string>|null             $audience              One or more API identifiers, found in your Auth0 API settings. The SDK uses the first value for building links. If provided, at least one of these values must match the 'aud' claim to validate an ID Token successfully.
      * @param array<string>|null             $organization          One or more Organization IDs, found in your Auth0 Organization settings. The SDK uses the first value for building links. If provided, at least one of these values must match the 'org_id' claim to validate an ID Token successfully.
      * @param bool                           $usePkce               Defaults to true. Use PKCE (Proof Key of Code Exchange) with Authorization Code Flow requests. See https://auth0.com/docs/flows/call-your-api-using-the-authorization-code-flow-with-pkce
-     * @param array<string>                  $scope                 One or more scopes to request for Tokens. See https://auth0.com/docs/scopes
+     * @param array<string>|null             $scope                 One or more scopes to request for Tokens. See https://auth0.com/docs/scopes
      * @param string                         $responseMode          Defaults to 'query.' Where to extract request parameters from, either 'query' for GET or 'form_post' for POST requests.
      * @param string                         $responseType          Defaults to 'code.' Use 'code' for server-side flows and 'token' for application side flow.
      * @param string                         $tokenAlgorithm        Defaults to 'RS256'. Algorithm to use for Token verification. Expects either 'RS256' or 'HS256'.
@@ -99,7 +99,7 @@ public function __construct(
         private ?array $audience = null,
         private ?array $organization = null,
         private bool $usePkce = true,
-        private array $scope = ['openid', 'profile', 'email'],
+        private ?array $scope = ['openid', 'profile', 'email'],
         private string $responseMode = 'query',
         private string $responseType = 'code',
         private string $tokenAlgorithm = Token::ALGO_RS256,
@@ -768,9 +768,9 @@ public function hasResponseType(): bool
     /**
      * @param array<string> $scope An array of scopes to request during authentication steps.
      */
-    public function setScope(array $scope = ['openid', 'profile', 'email']): self
+    public function setScope(?array $scope = ['openid', 'profile', 'email']): self
     {
-        if ([] === $scope) {
+        if (null === $scope || [] === $scope) {
             $scope = ['openid', 'profile', 'email'];
         }
 
@@ -783,7 +783,7 @@ public function setScope(array $scope = ['openid', 'profile', 'email']): self
      */
     public function getScope(): array
     {
-        return $this->scope;
+        return $this->scope ?? ['openid', 'profile', 'email'];
     }
 
     public function hasScope(): bool
@@ -811,7 +811,7 @@ public function pushScope(array|string $scopes): ?array
             return $this->scope;
         }
 
-        $this->setScope(array_merge($this->scope, $scopes));
+        $this->setScope(array_merge($this->getScope(), $scopes));
 
         return $this->scope;
     }
@@ -1321,7 +1321,7 @@ private function getPropertyValidators(): array
             'audience' => fn ($value) => is_array($value) || null === $value,
             'organization' => fn ($value) => is_array($value) || null === $value,
             'usePkce' => fn ($value) => is_bool($value),
-            'scope' => fn ($value) => is_array($value),
+            'scope' => fn ($value) => is_array($value) || null === $value,
             'responseMode' => fn ($value) => is_string($value),
             'responseType' => fn ($value) => is_string($value),
             'tokenAlgorithm' => fn ($value) => is_string($value),
diff --git a/tests/Unit/Configuration/SdkConfigurationTest.php b/tests/Unit/Configuration/SdkConfigurationTest.php
index 80913969..dcaaa264 100644
--- a/tests/Unit/Configuration/SdkConfigurationTest.php
+++ b/tests/Unit/Configuration/SdkConfigurationTest.php
@@ -402,6 +402,32 @@
     expect($sdk->formatScope())->toEqual('one two three');
 });
 
+test('scope() successfully reverts to the default values when an empty array is provided', function(): void
+{
+    $sdk = new SdkConfiguration([
+        'domain' => MockDomain::valid(),
+        'cookieSecret' => uniqid(),
+        'clientId' => uniqid(),
+        'redirectUri' => uniqid(),
+        'scope' => [],
+    ]);
+
+    expect($sdk->getScope())->toEqual(['openid', 'profile', 'email']);
+});
+
+test('scope() successfully reverts to the default values when a null value is provided', function(): void
+{
+    $sdk = new SdkConfiguration([
+        'domain' => MockDomain::valid(),
+        'cookieSecret' => uniqid(),
+        'clientId' => uniqid(),
+        'redirectUri' => uniqid(),
+        'scope' => null,
+    ]);
+
+    expect($sdk->getScope())->toEqual(['openid', 'profile', 'email']);
+});
+
 test('defaultOrganization() successfully returns the first organization', function(): void
 {
     $sdk = new SdkConfiguration([