@codemation/host 0.1.7 → 0.2.1

package/dist/{server-C5oqDnZQ.d.ts → server-CUo7My6x.d.ts}

@@ -1,7 +1,7 @@
-import { a as CodemationConfig, g as AppConfig, y as CodemationPlugin } from "./CodemationConfig-9PkOBCh-.js";
-import { t as CodemationConsumerConfigLoader } from "./CodemationConsumerConfigLoader-CeW4bnOg.js";
-import { t as AppConfigFactory } from "./AppConfigFactory-BBEn2B-i.js";
-import { a as WorkflowDto, o as WorkflowSummary } from "./PublicFrontendBootstrapFactory-SQVHMxLg.js";
+import { m as CodemationConfig, o as CodemationPlugin, r as AppConfig } from "./CodemationAppContext-Vtn0U2Ga.js";
+import { t as CodemationConsumerConfigLoader } from "./CodemationConsumerConfigLoader-BvTE-7tX.js";
+import { t as AppConfigFactory } from "./AppConfigFactory-j1Mc-dIX.js";
+import { a as WorkflowDto, o as WorkflowSummary } from "./PublicFrontendBootstrapFactory-r61MeSpZ.js";
 
 //#region src/presentation/http/ApiPaths.d.ts
 declare class ApiPaths {
@@ -150,4 +150,4 @@ declare class WorkflowDiscoveryPathSegmentsComputer {
 }
 //#endregion
 export { CodemationResolvedPluginPackage as a, CodemationServerGateway as c, CodemationPluginDiscovery as i, ApiPaths as l, WorkflowModulePathFinder as n, AppConfigLoadResult as o, CodemationDiscoveredPluginPackage as r, AppConfigLoader as s, WorkflowDiscoveryPathSegmentsComputer as t };
-//# sourceMappingURL=server-C5oqDnZQ.d.ts.map
+//# sourceMappingURL=server-CUo7My6x.d.ts.map

package/dist/server.d.ts

@@ -1,12 +1,12 @@
-import "./CodemationAuthConfig-7hEfICPf.js";
-import { n as InternalAuthBootstrap, r as FrontendAppConfig, t as PublicFrontendBootstrap } from "./PublicFrontendBootstrap-DCniMBGu.js";
-import { i as CodemationFrontendAuthSnapshotJsonCodec, n as InternalAuthBootstrapJsonCodec, r as FrontendAppConfigJsonCodec, t as PublicFrontendBootstrapJsonCodec } from "./PublicFrontendBootstrapJsonCodec-BE0mhe1v.js";
-import "./index-CLRTQLAp.js";
-import "./CodemationConfig-9PkOBCh-.js";
-import "./CodemationConfigNormalizer-DIc-LYqW.js";
-import { i as CodemationConsumerAppResolver, n as CodemationConsumerConfigResolution, r as CodemationConsumerApp, t as CodemationConsumerConfigLoader } from "./CodemationConsumerConfigLoader-CeW4bnOg.js";
-import { r as PrismaDatabaseClient } from "./AppConfigFactory-BBEn2B-i.js";
-import { t as CodemationPostgresPrismaClientFactory } from "./persistenceServer-Dv7fg_Jf.js";
-import { a as CodemationResolvedPluginPackage, c as CodemationServerGateway, i as CodemationPluginDiscovery, l as ApiPaths, n as WorkflowModulePathFinder, o as AppConfigLoadResult, r as CodemationDiscoveredPluginPackage, s as AppConfigLoader, t as WorkflowDiscoveryPathSegmentsComputer } from "./server-C5oqDnZQ.js";
-import { i as CodemationFrontendAuthSnapshotFactory, n as InternalAuthBootstrapFactory, r as FrontendAppConfigFactory, t as PublicFrontendBootstrapFactory } from "./PublicFrontendBootstrapFactory-SQVHMxLg.js";
+import "./index-SKC6oys-.js";
+import "./CodemationAppContext-Vtn0U2Ga.js";
+import "./CodemationWhitelabelConfig-D5rYcLlj.js";
+import { n as InternalAuthBootstrap, r as FrontendAppConfig, t as PublicFrontendBootstrap } from "./PublicFrontendBootstrap-ci0Vwxrb.js";
+import { i as CodemationFrontendAuthSnapshotJsonCodec, n as InternalAuthBootstrapJsonCodec, r as FrontendAppConfigJsonCodec, t as PublicFrontendBootstrapJsonCodec } from "./PublicFrontendBootstrapJsonCodec-Ja0GQgpp.js";
+import "./CodemationConfigNormalizer-kJmyHNDp.js";
+import { i as CodemationConsumerAppResolver, n as CodemationConsumerConfigResolution, r as CodemationConsumerApp, t as CodemationConsumerConfigLoader } from "./CodemationConsumerConfigLoader-BvTE-7tX.js";
+import { r as PrismaDatabaseClient } from "./AppConfigFactory-j1Mc-dIX.js";
+import { t as CodemationPostgresPrismaClientFactory } from "./persistenceServer-D89nDslh.js";
+import { a as CodemationResolvedPluginPackage, c as CodemationServerGateway, i as CodemationPluginDiscovery, l as ApiPaths, n as WorkflowModulePathFinder, o as AppConfigLoadResult, r as CodemationDiscoveredPluginPackage, s as AppConfigLoader, t as WorkflowDiscoveryPathSegmentsComputer } from "./server-CUo7My6x.js";
+import { i as CodemationFrontendAuthSnapshotFactory, n as InternalAuthBootstrapFactory, r as FrontendAppConfigFactory, t as PublicFrontendBootstrapFactory } from "./PublicFrontendBootstrapFactory-r61MeSpZ.js";
 export { ApiPaths, AppConfigLoadResult, AppConfigLoader, CodemationConsumerApp, CodemationConsumerAppResolver, CodemationConsumerConfigLoader, CodemationConsumerConfigResolution, CodemationDiscoveredPluginPackage, CodemationFrontendAuthSnapshotFactory, CodemationFrontendAuthSnapshotJsonCodec, CodemationPluginDiscovery, CodemationPostgresPrismaClientFactory, CodemationResolvedPluginPackage, CodemationServerGateway, FrontendAppConfig, FrontendAppConfigFactory, FrontendAppConfigJsonCodec, InternalAuthBootstrap, InternalAuthBootstrapFactory, InternalAuthBootstrapJsonCodec, PrismaDatabaseClient as PrismaClient, PublicFrontendBootstrap, PublicFrontendBootstrapFactory, PublicFrontendBootstrapJsonCodec, WorkflowDiscoveryPathSegmentsComputer, WorkflowModulePathFinder };

package/dist/server.js

@@ -1,13 +1,13 @@
-import "./ConsoleLogger-ClPU7jtc.js";
-import { i as CodemationFrontendAuthSnapshotJsonCodec, n as InternalAuthBootstrapJsonCodec, r as FrontendAppConfigJsonCodec, t as PublicFrontendBootstrapJsonCodec } from "./PublicFrontendBootstrapJsonCodec-BdiVGG5R.js";
-import { i as CodemationConsumerAppResolver, n as WorkflowDiscoveryPathSegmentsComputer, r as WorkflowModulePathFinder, t as CodemationConsumerConfigLoader } from "./CodemationConsumerConfigLoader-D6LFSlp5.js";
-import "./ServerLoggerFactory-BltIIDfQ.js";
-import "./decorateParam-DrsXNPuw.js";
-import "./decorate-B0PP651O.js";
-import "./CredentialServices-xVxVA9Tq.js";
-import { _ as CodemationFrontendAuthSnapshotFactory, g as FrontendAppConfigFactory, h as InternalAuthBootstrapFactory, m as PublicFrontendBootstrapFactory, y as ApiPaths } from "./AppContainerFactory-CeKsjo8L.js";
-import "./AppConfigFactory-ByT1D8dM.js";
-import { t as CodemationPostgresPrismaClientFactory } from "./persistenceServer-DMvIOGW8.js";
-import { n as AppConfigLoader, r as CodemationServerGateway, t as CodemationPluginDiscovery } from "./server-CioY8PP3.js";
+import "./ConsoleLogger-DuStfHe0.js";
+import { i as CodemationFrontendAuthSnapshotJsonCodec, n as InternalAuthBootstrapJsonCodec, r as FrontendAppConfigJsonCodec, t as PublicFrontendBootstrapJsonCodec } from "./PublicFrontendBootstrapJsonCodec-BZgQ_FnW.js";
+import { i as CodemationConsumerAppResolver, n as WorkflowDiscoveryPathSegmentsComputer, r as WorkflowModulePathFinder, t as CodemationConsumerConfigLoader } from "./CodemationConsumerConfigLoader-DovlxZNb.js";
+import "./ServerLoggerFactory-CsNW5qhz.js";
+import "./decorateParam-D7WPDFAf.js";
+import "./decorate-Dq0XLibd.js";
+import "./CredentialServices-BPKUF8Xs.js";
+import { _ as CodemationFrontendAuthSnapshotFactory, g as FrontendAppConfigFactory, h as InternalAuthBootstrapFactory, m as PublicFrontendBootstrapFactory, y as ApiPaths } from "./AppContainerFactory-CcSGFNLW.js";
+import "./AppConfigFactory-CqKWXqOm.js";
+import { t as CodemationPostgresPrismaClientFactory } from "./persistenceServer-DKbFDxoS.js";
+import { n as AppConfigLoader, r as CodemationServerGateway, t as CodemationPluginDiscovery } from "./server-CFpgKuVE.js";
 
 export { ApiPaths, AppConfigLoader, CodemationConsumerAppResolver, CodemationConsumerConfigLoader, CodemationFrontendAuthSnapshotFactory, CodemationFrontendAuthSnapshotJsonCodec, CodemationPluginDiscovery, CodemationPostgresPrismaClientFactory, CodemationServerGateway, FrontendAppConfigFactory, FrontendAppConfigJsonCodec, InternalAuthBootstrapFactory, InternalAuthBootstrapJsonCodec, PublicFrontendBootstrapFactory, PublicFrontendBootstrapJsonCodec, WorkflowDiscoveryPathSegmentsComputer, WorkflowModulePathFinder };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@codemation/host",
-  "version": "0.1.7",
+  "version": "0.2.1",
   "publishConfig": {
     "access": "public"
   },
@@ -24,6 +24,13 @@
       },
       "import": "./dist/index.js"
     },
+    "./authoring": {
+      "types": "./dist/authoring.d.ts",
+      "development": {
+        "import": "./src/authoring.ts"
+      },
+      "import": "./dist/authoring.js"
+    },
     "./client": {
       "types": "./dist/client.d.ts",
       "development": {
@@ -112,9 +119,9 @@
     "tsx": "^4.21.0",
     "ws": "^8.19.0",
     "zxcvbn": "^4.4.2",
-    "@codemation/core-nodes": "0.1.0",
-    "@codemation/eventbus-redis": "0.0.26",
-    "@codemation/core": "0.4.0"
+    "@codemation/core": "0.5.0",
+    "@codemation/core-nodes": "0.1.1",
+    "@codemation/eventbus-redis": "0.0.27"
   },
   "devDependencies": {
     "@playwright/test": "^1.58.2",
@@ -139,13 +146,13 @@
     "tsdown": "^0.15.5",
     "typescript": "^5.9.3",
     "vitest": "^4.0.18",
-    "@codemation/core-nodes-gmail": "0.0.28"
+    "@codemation/core-nodes-gmail": "0.1.1"
   },
   "scripts": {
     "changeset:verify": "pnpm --workspace-root run changeset:verify",
     "prisma:generate": "node ./scripts/generate-prisma-clients.mjs && node ./scripts/ensure-prisma-runtime-sourcemaps.mjs",
-    "build": "tsdown src/index.ts src/client.ts src/credentials.ts src/consumer.ts src/nextServer.ts src/server.ts src/devServerSidecar.ts src/persistenceServer.ts --out-dir dist --sourcemap",
-    "dev": "tsdown src/index.ts src/client.ts src/credentials.ts src/consumer.ts src/nextServer.ts src/server.ts src/devServerSidecar.ts src/persistenceServer.ts --out-dir dist --sourcemap --watch",
+    "build": "tsdown src/index.ts src/authoring.ts src/client.ts src/credentials.ts src/consumer.ts src/nextServer.ts src/server.ts src/devServerSidecar.ts src/persistenceServer.ts --out-dir dist --sourcemap",
+    "dev": "tsdown src/index.ts src/authoring.ts src/client.ts src/credentials.ts src/consumer.ts src/nextServer.ts src/server.ts src/devServerSidecar.ts src/persistenceServer.ts --out-dir dist --sourcemap --watch",
     "typecheck": "tsc -p tsconfig.json --noEmit",
     "lint": "eslint .",
     "test": "pnpm -w exec concurrently -m 5 -c auto -n unit,integration,ui,browser,e2e \"pnpm run test:unit\" \"pnpm run test:integration\" \"pnpm run test:ui\" \"pnpm run test:browser\" \"pnpm run test:e2e\"",

package/src/application/commands/StartWorkflowRunCommandHandler.ts

@@ -76,6 +76,13 @@ export class StartWorkflowRunCommandHandler extends CommandHandler<StartWorkflow
       sourceState,
       debuggerOverlay,
     });
+    const synthesizeTriggerItems = this.resolveSynthesizeTriggerItems({
+      workflow,
+      mode: body.mode,
+      requestedItems,
+      requestedSynthesizeTriggerItems: body.synthesizeTriggerItems,
+      currentState,
+    });
     const result =
       legacyStartNodeId && this.hasReusableCurrentState(currentState) && !clearFromNodeId
         ? await this.runIntentService.rerunFromNode({
@@ -83,7 +90,7 @@ export class StartWorkflowRunCommandHandler extends CommandHandler<StartWorkflow
             nodeId: legacyStartNodeId,
             currentState,
             items: requestedItems,
-            synthesizeTriggerItems: body.synthesizeTriggerItems,
+            synthesizeTriggerItems,
             executionOptions,
             workflowSnapshot: sourceState?.workflowSnapshot,
             mutableState: this.cloneMutableState(currentState.mutableState),
@@ -92,7 +99,7 @@ export class StartWorkflowRunCommandHandler extends CommandHandler<StartWorkflow
             workflow,
             startAt: legacyStartNodeId && !body.sourceRunId && !body.stopAt ? legacyStartNodeId : undefined,
             items,
-            synthesizeTriggerItems: body.synthesizeTriggerItems,
+            synthesizeTriggerItems,
             executionOptions,
             workflowSnapshot: sourceState?.workflowSnapshot,
             mutableState: this.cloneMutableState(currentState.mutableState),
@@ -226,4 +233,59 @@ export class StartWorkflowRunCommandHandler extends CommandHandler<StartWorkflow
       Object.keys(currentState.mutableState?.nodesById ?? {}).length > 0
     );
   }
+
+  private resolveSynthesizeTriggerItems(
+    args: Readonly<{
+      workflow: WorkflowDefinition;
+      mode: CreateRunRequest["mode"];
+      requestedItems: Items | undefined;
+      requestedSynthesizeTriggerItems: boolean | undefined;
+      currentState: RunCurrentState;
+    }>,
+  ): boolean {
+    if (this.hasNonEmptyItems(args.requestedItems)) {
+      return false;
+    }
+    if (args.requestedSynthesizeTriggerItems === true) {
+      return true;
+    }
+    if (args.mode !== "manual") {
+      return args.requestedSynthesizeTriggerItems ?? false;
+    }
+    if (!this.workflowHasTrigger(args.workflow)) {
+      return args.requestedSynthesizeTriggerItems ?? false;
+    }
+    if (this.currentStateHasTriggerData(args.workflow, args.currentState)) {
+      return args.requestedSynthesizeTriggerItems ?? false;
+    }
+    return true;
+  }
+
+  private workflowHasTrigger(workflow: WorkflowDefinition): boolean {
+    return workflow.nodes.some((node) => node.kind === "trigger");
+  }
+
+  private currentStateHasTriggerData(workflow: WorkflowDefinition, currentState: RunCurrentState): boolean {
+    const triggerNodeIds = workflow.nodes.filter((node) => node.kind === "trigger").map((node) => node.id);
+    for (const triggerNodeId of triggerNodeIds) {
+      if (this.hasOutputItems(currentState.outputsByNode[triggerNodeId])) {
+        return true;
+      }
+      if (this.hasOutputItems(currentState.mutableState?.nodesById?.[triggerNodeId]?.pinnedOutputsByPort)) {
+        return true;
+      }
+    }
+    return false;
+  }
+
+  private hasOutputItems(outputsByPort: Readonly<Partial<Record<string, Items>>> | undefined): boolean {
+    if (!outputsByPort) {
+      return false;
+    }
+    return Object.values(outputsByPort).some((items) => this.hasNonEmptyItems(items));
+  }
+
+  private hasNonEmptyItems(items: Items | undefined): boolean {
+    return (items?.length ?? 0) > 0;
+  }
 }

package/src/authoring.ts

@@ -0,0 +1,31 @@
+export { workflow } from "@codemation/core-nodes";
+export { defineCodemationApp, definePlugin } from "./presentation/config/CodemationAuthoring.types";
+export type {
+  DefineCodemationAppOptions,
+  DefinePluginOptions,
+  FriendlyCodemationDatabaseConfig,
+  FriendlyCodemationExecutionConfig,
+} from "./presentation/config/CodemationAuthoring.types";
+export type {
+  CodemationAppDefinition,
+  CodemationAppSchedulerConfig,
+  CodemationAppSchedulerKind,
+  CodemationApplicationRuntimeConfig,
+  CodemationConfig,
+  CodemationDatabaseConfig,
+  CodemationDatabaseKind,
+  CodemationEngineExecutionLimitsConfig,
+  CodemationEventBusConfig,
+  CodemationEventBusKind,
+  CodemationSchedulerConfig,
+  CodemationSchedulerKind,
+} from "./presentation/config/CodemationConfig";
+export type {
+  CodemationAppContext,
+  CodemationRegistrationContextBase,
+} from "./presentation/config/CodemationAppContext";
+export type {
+  CodemationPlugin,
+  CodemationPluginConfig,
+  CodemationPluginContext,
+} from "./presentation/config/CodemationPlugin";

package/src/domain/credentials/CredentialInstanceService.ts

@@ -23,6 +23,7 @@ import { ApplicationTokens } from "../../applicationTokens";
 
 import { CredentialFieldEnvOverlayService } from "./CredentialFieldEnvOverlayService";
 import { CredentialMaterialResolver } from "./CredentialMaterialResolver";
+import { CredentialOAuth2ScopeResolver } from "./CredentialOAuth2ScopeResolver";
 import { CredentialSecretCipher } from "./CredentialSecretCipher";
 import type {
   CredentialInstanceRecord,
@@ -49,6 +50,8 @@ export class CredentialInstanceService {
     private readonly credentialFieldEnvOverlayService: CredentialFieldEnvOverlayService,
     @inject(CredentialMaterialResolver)
     private readonly credentialMaterialResolver: CredentialMaterialResolver,
+    @inject(CredentialOAuth2ScopeResolver)
+    private readonly credentialOAuth2ScopeResolver: CredentialOAuth2ScopeResolver,
     @inject(CoreTokens.CredentialSessionService)
     private readonly credentialSessionService: MutableCredentialSessionService,
   ) {}
@@ -373,10 +376,14 @@ export class CredentialInstanceService {
       "providerId" in credentialType.definition.auth ? credentialType.definition.auth.providerId : "custom";
     const material = await this.credentialStore.getOAuth2Material(instance.instanceId);
     if (!material) {
+      const requestedScopes = this.credentialOAuth2ScopeResolver.resolveRequestedScopes(
+        credentialType.definition.auth,
+        instance.publicConfig,
+      );
       return {
         status: "disconnected",
         providerId,
-        scopes: [...credentialType.definition.auth.scopes],
+        scopes: [...requestedScopes],
       };
     }
     return {

package/src/domain/credentials/CredentialOAuth2ScopeResolver.ts

@@ -0,0 +1,61 @@
+import type { CredentialOAuth2AuthDefinition } from "@codemation/core";
+import { injectable } from "@codemation/core";
+import type { JsonRecord } from "./CredentialServices";
+
+@injectable()
+export class CredentialOAuth2ScopeResolver {
+  resolveRequestedScopes(auth: CredentialOAuth2AuthDefinition, publicConfig: JsonRecord): ReadonlyArray<string> {
+    const scopesFromPublicConfig = auth.scopesFromPublicConfig;
+    if (!scopesFromPublicConfig) {
+      return [...auth.scopes];
+    }
+    const preset = this.resolveString(publicConfig[scopesFromPublicConfig.presetFieldKey]);
+    if (!preset) {
+      return [...auth.scopes];
+    }
+    const presetScopes = scopesFromPublicConfig.presetScopes[preset];
+    if (presetScopes) {
+      return [...presetScopes];
+    }
+    const customPresetKey = scopesFromPublicConfig.customPresetKey ?? "custom";
+    if (preset !== customPresetKey) {
+      return [...auth.scopes];
+    }
+    const customScopes = this.resolveScopeList(
+      publicConfig[scopesFromPublicConfig.customScopesFieldKey ?? "customScopes"],
+    );
+    if (customScopes.length > 0) {
+      return customScopes;
+    }
+    return [...auth.scopes];
+  }
+
+  private resolveString(value: unknown): string | undefined {
+    if (typeof value !== "string") {
+      return undefined;
+    }
+    const normalized = value.trim();
+    return normalized.length > 0 ? normalized : undefined;
+  }
+
+  private resolveScopeList(value: unknown): ReadonlyArray<string> {
+    if (Array.isArray(value)) {
+      return this.dedupe(
+        value.map((entry) => (typeof entry === "string" ? entry.trim() : "")).filter((entry) => entry.length > 0),
+      );
+    }
+    if (typeof value !== "string") {
+      return [];
+    }
+    return this.dedupe(
+      value
+        .split(/[\s,]+/)
+        .map((entry) => entry.trim())
+        .filter((entry) => entry.length > 0),
+    );
+  }
+
+  private dedupe(entries: ReadonlyArray<string>): ReadonlyArray<string> {
+    return [...new Set(entries)];
+  }
+}

package/src/domain/credentials/CredentialServices.ts

@@ -138,6 +138,7 @@ export { CredentialTypeRegistryImpl } from "./CredentialTypeRegistryImpl";
 export { CredentialBindingService } from "./CredentialBindingService";
 export { CredentialInstanceService } from "./CredentialInstanceService";
 export { CredentialMaterialResolver } from "./CredentialMaterialResolver";
+export { CredentialOAuth2ScopeResolver } from "./CredentialOAuth2ScopeResolver";
 export { CredentialRuntimeMaterialService } from "./CredentialRuntimeMaterialService";
 export { CredentialFieldEnvOverlayService } from "./CredentialFieldEnvOverlayService";
 export { CredentialSecretCipher } from "./CredentialSecretCipher";

package/src/domain/credentials/OAuth2ConnectServiceFactory.ts

@@ -9,6 +9,7 @@ import {
   CredentialFieldEnvOverlayService,
   CredentialInstanceService,
   CredentialMaterialResolver,
+  CredentialOAuth2ScopeResolver,
   CredentialRuntimeMaterialService,
   CredentialSecretCipher,
   CredentialTypeRegistryImpl,
@@ -47,6 +48,8 @@ export class OAuth2ConnectService {
     private readonly credentialMaterialResolver: CredentialMaterialResolver,
     @inject(CredentialSecretCipher)
     private readonly credentialSecretCipher: CredentialSecretCipher,
+    @inject(CredentialOAuth2ScopeResolver)
+    private readonly credentialOAuth2ScopeResolver: CredentialOAuth2ScopeResolver,
     @inject(OAuth2ProviderRegistry)
     private readonly oauth2ProviderRegistry: OAuth2ProviderRegistry,
     @inject(ApplicationTokens.AppConfig)
@@ -63,6 +66,10 @@ export class OAuth2ConnectService {
       material: emptyMaterial,
     });
     const provider = this.oauth2ProviderRegistry.resolve(credentialType.definition, resolvedPublicConfig);
+    const requestedScopes = this.credentialOAuth2ScopeResolver.resolveRequestedScopes(
+      credentialType.definition.auth!,
+      resolvedPublicConfig,
+    );
     const redirectUri = this.getRedirectUri(requestOrigin);
     const state = this.createOpaqueValue();
     const codeVerifier = this.createOpaqueValue();
@@ -74,7 +81,7 @@ export class OAuth2ConnectService {
       instanceId,
       codeVerifier,
       providerId: provider.providerId,
-      requestedScopes: credentialType.definition.auth!.scopes,
+      requestedScopes,
       createdAt: createdAt.toISOString(),
       expiresAt: expiresAt.toISOString(),
     });
@@ -85,7 +92,7 @@ export class OAuth2ConnectService {
       this.oauth2ProviderRegistry.resolveClientId(credentialType.definition.auth!, resolvedPublicConfig),
     );
     authorizeUrl.searchParams.set("redirect_uri", redirectUri);
-    authorizeUrl.searchParams.set("scope", credentialType.definition.auth!.scopes.join(" "));
+    authorizeUrl.searchParams.set("scope", requestedScopes.join(" "));
     authorizeUrl.searchParams.set("state", state);
     authorizeUrl.searchParams.set("code_challenge", codeChallenge);
     authorizeUrl.searchParams.set("code_challenge_method", "S256");