lib/rack/oauth2/models/access_token.rb in rack-oauth2-server-1.2.0 vs lib/rack/oauth2/models/access_token.rb in rack-oauth2-server-1.2.1

@@ -13,9 +13,10 @@
             Server.new_instance self, collection.find_one({ :_id=>token, :revoked=>nil })
           end
 
           # Get an access token (create new one if necessary).
           def get_token_for(identity, scope, client_id)
+            scope = scope.split.sort.join(" ") # Make sure always in same order.
             unless token = collection.find_one({ :identity=>identity.to_s, :scope=>scope, :client_id=>client_id })
               token = { :_id=>Server.secure_random, :identity=>identity.to_s, :scope=>scope, :client_id=>client_id,
                         :created_at=>Time.now.utc, :expires_at=>nil, :revoked=>nil }
               collection.insert token
             end