lib/rodauth/features/oauth_base.rb in rodauth-oauth-1.2.0 vs lib/rodauth/features/oauth_base.rb in rodauth-oauth-1.3.0

- old
+ new

@@ -760,35 +760,35 @@ end throw_json_response_error(status_code, error_code) else redirect_url = URI.parse(redirect_url) - query_params = [] + params = [] - query_params << if respond_to?(:"oauth_#{error_code}_error_code") - ["error", send(:"oauth_#{error_code}_error_code")] - else - ["error", error_code] - end + params << if respond_to?(:"oauth_#{error_code}_error_code") + ["error", send(:"oauth_#{error_code}_error_code")] + else + ["error", error_code] + end if respond_to?(:"oauth_#{error_code}_message") message = send(:"oauth_#{error_code}_message") - query_params << ["error_description", CGI.escape(message)] + params << ["error_description", CGI.escape(message)] end state = param_or_nil("state") - query_params << ["state", state] if state + params << ["state", state] if state - _redirect_response_error(redirect_url, query_params) + _redirect_response_error(redirect_url, params) end end - def _redirect_response_error(redirect_url, query_params) - query_params = query_params.map { |k, v| "#{k}=#{v}" } - query_params << redirect_url.query if redirect_url.query - redirect_url.query = query_params.join("&") + def _redirect_response_error(redirect_url, params) + params = params.map { |k, v| "#{k}=#{v}" } + params << redirect_url.query if redirect_url.query + redirect_url.query = params.join("&") redirect(redirect_url.to_s) end def json_response_success(body, cache = false) response.status = 200 @@ -839,13 +839,13 @@ def authorization_required throw_json_response_error(oauth_authorization_required_error_status, "invalid_client") end - def check_valid_scopes? - return false unless scopes + def check_valid_scopes?(scp = scopes) + return false unless scp - (scopes - oauth_application[oauth_applications_scopes_column].split(oauth_scope_separator)).empty? + (scp - oauth_application[oauth_applications_scopes_column].split(oauth_scope_separator)).empty? end def check_valid_uri?(uri) URI::DEFAULT_PARSER.make_regexp(oauth_valid_uri_schemes).match?(uri) end
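Review bot: In `_redirect_response_error` every pair is joined as `"#{k}=#{v}"` with no encoding, and the `state` value pushed just above comes straight from `param_or_nil("state")`; only `error_description` goes through `CGI.escape`. A state containing `&` or `=` would then change the parameter structure of the redirect query instead of being echoed back as one opaque value, unless `URI#query=` normalises it, which I would not rely on. Encoding at the join, `params = params.map { |k, v| "#{k}=#{CGI.escape(v.to_s)}" }`, and pushing `["error_description", message]` unescaped would treat every value the same way and avoid double-escaping the message. The method that builds `params` starts before this hunk, so where `error_code` comes from is not visible here.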
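Review bot: `check_valid_scopes?` now takes a caller-supplied `scp`, but nothing states what shape it must have. The body subtracts an Array from it, so an unsplit scope string would raise instead of returning false, and an empty Array returns true because nothing is left after the subtraction. This predicate appears to gate which scopes a client may request, so I'd document the contract above the method, e.g. `# scp: Array of already-split scope strings; nil => false, [] => true (callers must reject empty scope lists themselves)`. If an empty list should never count as valid, `return false if scp.nil? || scp.empty?` makes that explicit. Whether any caller relies on the current behaviour isn't visible in this hunk.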