From 79c3b7a4d7a2f3e6af6a6036b9c22e0f89a960be Mon Sep 17 00:00:00 2001
From: Andrei Sousa <andrei.sousa@volvocars.com>
Date: Thu, 27 Mar 2025 17:20:44 +0100
Subject: [PATCH] fix: add scopes to token hook on authorization_code

---
 oauth2/handler.go | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/oauth2/handler.go b/oauth2/handler.go
index ea76f10b4d4..27f65a2a183 100644
--- a/oauth2/handler.go
+++ b/oauth2/handler.go
@@ -1178,7 +1178,8 @@ func (h *Handler) oauth2TokenExchange(w http.ResponseWriter, r *http.Request) {
 
 	if accessRequest.GetGrantTypes().ExactOne(string(fosite.GrantTypeClientCredentials)) ||
 		accessRequest.GetGrantTypes().ExactOne(string(fosite.GrantTypeJWTBearer)) ||
-		accessRequest.GetGrantTypes().ExactOne(string(fosite.GrantTypePassword)) {
+		accessRequest.GetGrantTypes().ExactOne(string(fosite.GrantTypePassword)) ||
+		accessRequest.GetGrantTypes().ExactOne(string(fosite.GrantTypeAuthorizationCode)) {
 		var accessTokenKeyID string
 		if h.c.AccessTokenStrategy(ctx, client.AccessTokenStrategySource(accessRequest.GetClient())) == "jwt" {
 			accessTokenKeyID, err = h.r.AccessTokenJWTStrategy().GetPublicKeyID(ctx)