Scope changed when authenticating

[brainthee]

Hey, thanks for the project!

When trying to authenticate, a warning is thrown which seems to fail authentication:

(todosync) brainthee@machine~/projects/todosync$ python3 ./syncLists.py 
Go here and authorize:
https://login.microsoftonline.com/common/oauth2/v2.0/authorize?response_type=code&client_id=xx-d460-4d27-bb38-xx&redirect_uri=https%3A%2F%2Flocalhost%2Flogin%2Fauthorized&scope=openid+offline_access+tasks.readwrite&state=xx

Paste the full redirect URL below:
https://localhost/login/authorized?code=M.C107_BL2.2.xx-e991-5fac-5950-xx&state=xx
Traceback (most recent call last):
  File "/home/brainthee/projects/todosync/./syncLists.py", line 8, in <module>
    token = ToDoConnection.get_token(ms_client_id, ms_client_secret, redirect_resp)
  File "/home/brainthee/.virtualenvs/todosync/lib/python3.10/site-packages/pymstodo/client.py", line 281, in get_token
    token = oa_sess.fetch_token(token_url, client_secret=client_secret, authorization_response=redirect_resp)
  File "/home/brainthee/.virtualenvs/todosync/lib/python3.10/site-packages/requests_oauthlib/oauth2_session.py", line 366, in fetch_token
    self._client.parse_request_body_response(r.text, scope=self.scope)
  File "/home/brainthee/.virtualenvs/todosync/lib/python3.10/site-packages/oauthlib/oauth2/rfc6749/clients/base.py", line 427, in parse_request_body_response
    self.token = parse_token_response(body, scope=scope)
  File "/home/brainthee/.virtualenvs/todosync/lib/python3.10/site-packages/oauthlib/oauth2/rfc6749/parameters.py", line 441, in parse_token_response
    validate_token_parameters(params)
  File "/home/brainthee/.virtualenvs/todosync/lib/python3.10/site-packages/oauthlib/oauth2/rfc6749/parameters.py", line 471, in validate_token_parameters
    raise w
Warning: Scope has changed from "offline_access tasks.readwrite openid" to "Tasks.ReadWrite openid".

[brainthee]

Just for context as I realised from other posts it might be important. I'm trying to authenticate with a personal Microsoft account. The personal account is in the tenant that created the application key and has full perms but guessing there is a scope difference for personal vs org accounts?

[mxxu00]

I meet the same problem, wating for author solving.

[inbalboa]

Merged PR by @anwar3606.

I apologize for the long response, guys. These are difficult times for me and my country because of Russian aggression. It's a little hard to pay attention to side projects like this one when you don't sleep well because of almost nightly air raids. And in the morning you read the news that the Russians have hit another residential building with a missile. For example, last night the Russians destroyed a 5-floor building in the city of Kryvyi Rih. There are victims, some are still under the rubble, which is being cleared by rescuers. And after such news, you have to get on with your day job, because you have to live somehow.
Thank you and hope for your understanding

[brainthee]

I didn't realise. Stay safe and focus on yourself.

[benedict284]

I got the following error:
Warning: Scope has changed from "Tasks.ReadWrite openid" to "Tasks.ReadWrite email openid profile".

I replaced the following line 248 in client.py
_scope: str = 'openid Tasks.ReadWrite' by
_scope: str = 'openid Tasks.ReadWrite email profile'

This works for me.