From c8774e700bba0aa61863d79cfa4e1569bcfffb8f Mon Sep 17 00:00:00 2001
From: mstrhakr <37352843+mstrhakr@users.noreply.github.com>
Date: Sat, 3 Sep 2022 18:17:43 -0400
Subject: [PATCH] update oidc scope

passport-openidconnect adds the 'openid' scope to the request, regardless of if its already there.
removed 'openid' scope
removed unused 'groups' scope
---
 webserver.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/webserver.js b/webserver.js
index 60e5ac3b..dca929fd 100644
--- a/webserver.js
+++ b/webserver.js
@@ -6902,7 +6902,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
                 userInfoURL: domain.authstrategies.oidc.userinfourl,
                 clientID: domain.authstrategies.oidc.clientid,
                 clientSecret: domain.authstrategies.oidc.clientsecret,
-                scope: ['openid profile email groups'],
+                scope: ['profile email'],
             };
             var OIDCStrategy = require('passport-openidconnect');
             if (typeof domain.authstrategies.oidc.callbackurl == 'string') { options.callbackURL = domain.authstrategies.oidc.callbackurl; } else { options.callbackURL = url + 'oidc-callback'; }