fix: address claude review nits

Author: wdawson

packages/client/src/client/auth.ts

@@ -647,7 +647,7 @@ async function authInternal(
             metadata,
             resource,
             authorizationCode,
-            scope,
+            scope: resolvedScope,
             fetchFn
         });
 
@@ -1256,7 +1256,7 @@ export async function startAuthorization(
         authorizationUrl.searchParams.set('scope', scope);
     }
 
-    if (scope?.includes('offline_access')) {
+    if (scope?.split(' ').includes('offline_access')) {
         // if the request includes the OIDC-only "offline_access" scope,
         // we need to set the prompt to "consent" to ensure the user is prompted to grant offline access
         // https://openid.net/specs/openid-connect-core-1_0.html#OfflineAccess