Add defaultScope property

src/Stormpath.Configuration.Abstractions/Default.cs

@@ -51,6 +51,9 @@ public static class Default
                     {
                         Enabled = true,
 
+                        // Request a refresh token by default
+                        DefaultScope = "openid offline_access",
+
                         // Local validation checks the token signature.
                         // Stormpath (remote) validation makes a network request, but allows for token revocation.
                         ValidationStrategy = WebOauth2TokenValidationStrategy.Local

src/Stormpath.Configuration.Abstractions/Immutable/WebOauth2PasswordGrantConfiguration.cs

@@ -23,9 +23,11 @@ public sealed class WebOauth2PasswordGrantConfiguration
     {
         public WebOauth2PasswordGrantConfiguration(
             bool? enabled = null,
+            string defaultScope = null,
             WebOauth2TokenValidationStrategy? validationStrategy = null)
         {
             Enabled = enabled ?? false;
+            DefaultScope = defaultScope;
             ValidationStrategy = validationStrategy ?? WebOauth2TokenValidationStrategy.Local;
         }
 
@@ -34,14 +36,20 @@ internal WebOauth2PasswordGrantConfiguration()
         }
 
         public WebOauth2PasswordGrantConfiguration DeepClone()
-            => new WebOauth2PasswordGrantConfiguration(Enabled, ValidationStrategy);
+            => new WebOauth2PasswordGrantConfiguration(Enabled, DefaultScope, ValidationStrategy);
 
         /// <summary>
         /// Determines whether the <c>password</c> grant type is enabled.
         /// </summary>
         /// <remarks>Configuration path: <c>stormpath.web.oauth2.password.enabled</c></remarks>
         public bool Enabled { get; internal set; }
 
+        /// <summary>
+        /// The default scope(s) that are requested in addition to any scopes requested by the client.
+        /// </summary>
+        /// <remarks>Configuration path: <c>stormpath.web.oauth2.password.defaultScope</c></remarks>
+        public string DefaultScope { get; internal set; }
+
         /// <summary>
         /// The selected validation strategy.
         /// </summary>

src/Stormpath.Configuration.Abstractions/Stormpath.Configuration.Abstractions.csproj

@@ -3,7 +3,7 @@
   <PropertyGroup>
     <Description>Abstractions for the Stormpath.Configuration package.</Description>
     <Copyright>(c) 2017 Stormpath, Inc.</Copyright>
-    <VersionPrefix>7.1.0-beta2</VersionPrefix>
+    <VersionPrefix>7.1.0-beta3</VersionPrefix>
     <Authors>Nate Barbettini</Authors>
     <TargetFrameworks>net45;netstandard1.0</TargetFrameworks>
     <AssemblyName>Stormpath.Configuration.Abstractions</AssemblyName>

src/Stormpath.Configuration.Abstractions/WebOauth2PasswordGrantConfiguration.cs

@@ -27,6 +27,12 @@ public sealed class WebOauth2PasswordGrantConfiguration
         /// <remarks>Configuration path: <c>stormpath.web.oauth2.password.enabled</c></remarks>
         public bool Enabled { get; set; } = Default.Configuration.Web.Oauth2.Password.Enabled;
 
+        /// <summary>
+        /// The default scope(s) that are requested in addition to any scopes requested by the client.
+        /// </summary>
+        /// <remarks>Configuration path: <c>stormpath.web.oauth2.password.defaultScope</c></remarks>
+        public string DefaultScope { get; set; } = Default.Configuration.Web.Oauth2.Password.DefaultScope;
+
         /// <summary>
         /// The selected validation strategy.
         /// </summary>

src/Stormpath.Configuration/Stormpath.Configuration.csproj

@@ -3,7 +3,7 @@
   <PropertyGroup>
     <Description>Load Stormpath configuration from various sources.</Description>
     <Copyright>(c) 2017 Stormpath, Inc.</Copyright>
-    <VersionPrefix>7.1.0-beta2</VersionPrefix>
+    <VersionPrefix>7.1.0-beta3</VersionPrefix>
     <Authors>Nate Barbettini</Authors>
     <TargetFrameworks>net45;netstandard1.3</TargetFrameworks>
     <AssemblyName>Stormpath.Configuration</AssemblyName>

test/Stormpath.Configuration.Test/DefaultConfigTestCases/JsonTestCase.cs

@@ -73,6 +73,7 @@ public override string FileContents
       },
       ""password"": {
         ""enabled"": true,
+        ""defaultScope"": ""openid offline_access"",
         ""validationStrategy"": ""local""
       }
     },

test/Stormpath.Configuration.Test/DefaultConfigTestCases/YamlTestCase.cs

@@ -67,6 +67,7 @@ public override string FileContents
         ttl: 3600
     password:
       enabled: true
+      defaultScope: openid offline_access
       validationStrategy: ""local""
 
   accessTokenCookie:

test/Stormpath.Configuration.Test/Default_config_tests.cs

@@ -109,6 +109,7 @@ private static void ValidateConfig(StormpathConfiguration config)
             config.Web.Oauth2.Client_Credentials.Enabled.Should().BeTrue();
             config.Web.Oauth2.Client_Credentials.AccessToken.Ttl.Should().Be(3600);
             config.Web.Oauth2.Password.Enabled.Should().BeTrue();
+            config.Web.Oauth2.Password.DefaultScope.Should().Be("openid offline_access");
             config.Web.Oauth2.Password.ValidationStrategy.Should().Be(Abstractions.WebOauth2TokenValidationStrategy.Local);
 
             config.Web.AccessTokenCookie.Name.Should().Be("access_token");

test/Stormpath.Configuration.Test/ModifiedConfigTestCases/JsonTestCase.cs

@@ -79,6 +79,7 @@ public override string FileContents
       },
       ""password"": {
         ""enabled"": false,
+        ""defaultScope"": ""profile"",
         ""validationStrategy"": ""STORMPATH""
       }
     },

test/Stormpath.Configuration.Test/ModifiedConfigTestCases/YamlTestCase.cs

@@ -70,6 +70,7 @@ public override string FileContents
         ttl: 3601
     password:
       enabled: false
+      defaultScope: profile
       validationStrategy: ""STORMPATH""
 
   accessTokenCookie:

test/Stormpath.Configuration.Test/Modified_config_tests.cs

@@ -79,6 +79,7 @@ public void Supplied_by_immutable_instance()
                     ),
                     passwordGrant: new Abstractions.Immutable.WebOauth2PasswordGrantConfiguration(
                         enabled: false,
+                        defaultScope: "profile",
                         validationStrategy: WebOauth2TokenValidationStrategy.Stormpath)
                 ),
 
@@ -234,6 +235,7 @@ public void Supplied_by_mutable_instance()
                         Password = new WebOauth2PasswordGrantConfiguration()
                         {
                             Enabled = false,
+                            DefaultScope = "profile",
                             ValidationStrategy = WebOauth2TokenValidationStrategy.Stormpath
                         }
                     },
@@ -441,6 +443,7 @@ public void Supplied_by_anonymous_type()
                         password = new
                         {
                             enabled = false,
+                            defaultScope = "profile",
                             validationStrategy = WebOauth2TokenValidationStrategy.Stormpath
                         }
                     },
@@ -627,6 +630,7 @@ private static void ValidateConfig(Abstractions.Immutable.StormpathConfiguration
             config.Web.Oauth2.Client_Credentials.Enabled.Should().BeFalse();
             config.Web.Oauth2.Client_Credentials.AccessToken.Ttl.Should().Be(3601);
             config.Web.Oauth2.Password.Enabled.Should().BeFalse();
+            config.Web.Oauth2.Password.DefaultScope.Should().Be("profile");
             config.Web.Oauth2.Password.ValidationStrategy.Should().Be(WebOauth2TokenValidationStrategy.Stormpath);
 
             config.Web.AccessTokenCookie.Name.Should().Be("accessToken");