From 027342e11704975e350b9bd028eb6ba1e14d64d7 Mon Sep 17 00:00:00 2001
From: Matt Feury <mattfeury@gmail.com>
Date: Tue, 29 Nov 2022 13:55:37 -0500
Subject: [PATCH] maintain backwards compatability for default oidc scope
 variable

---
 pkg/auth/oidc.go | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/pkg/auth/oidc.go b/pkg/auth/oidc.go
index 2ccbab0c..352bf965 100644
--- a/pkg/auth/oidc.go
+++ b/pkg/auth/oidc.go
@@ -103,10 +103,17 @@ func NewOidcAuthSetter(baseCfg BaseConfig, cfg OidcClientConfig) *OidcAuthProvid
 		eps[k] = []string{v}
 	}
 
+	// Previous versions hardcoded the scope to audience,
+	// so for backwards compatability, use that if no scope is set
+	scope := cfg.OidcAudience
+	if cfg.OidcScope != "" {
+		scope = cfg.OidcScope
+	}
+
 	tokenGenerator := &clientcredentials.Config{
 		ClientID:       cfg.OidcClientID,
 		ClientSecret:   cfg.OidcClientSecret,
-		Scopes:         []string{cfg.OidcScope},
+		Scopes:         []string{scope},
 		TokenURL:       cfg.OidcTokenEndpointURL,
 		EndpointParams: eps,
 	}