Authentification custom providers await session.scopes empty

[ihebmeftah]

I use custom providers in authentification : when i want access to scopes in the server using session await session.scopes i recieve empty list (In the past after i migrate to custom providers i use email auth work fine )

[SalahAnwer]

I got this issue too

[ihebmeftah]

I got this issue too

@SalahAnwer try pass this param in siginin methode .signInUser(userInfo.id!, 'myAuthMethod', scopes: userInfo.scopes) this is my example https://github.com/ihebmeftah/dart-serverside/blob/master/lms_server/lib/src/endpoints/users_endpoint.dart

[SandPod]

You might have already resolved this but I'll answer here just to give some clarification if anyone else runs into this issue.

Unfortunately, there exists some confusion around where the scopes should be registered as there is both a field in the User model and in the AuthKey model.

The correct way to register scopes for a user is, as @ihebmeftah has already mentioned, in the call .signInUser(...) after authentication is complete.

The scopes registered in the call to that method are the scopes that will be reflected in the session object in the endpoint.

Any scopes applied directly to the User will be ignored.
The scopes in the User model are supposed to be used as the source of truth for what scopes are defined when a new authentication key is created (the response from a successfull sign in). Right now we have an issue where the scopes are not propagated for all providers tracked here: #2164

We recently updated our documentation around implementing a custom provider, and this section discusses this specific topic: https://docs.serverpod.dev/concepts/authentication/providers/custom-providers#create-auth-token.

EDIT:

[jblankenship5]

I'm so confused, how is this supposed to work with google sign in?