getAllowedScopes method Null safety
- ResourceOwner owner
Returns list of allowed scopes for a given ResourceOwner.
Subclasses override this method to return a list of
AuthScopes based on some attribute(s) of an ResourceOwner.
That ResourceOwner is then restricted to only those scopes, even if the authenticating client would allow other scopes
or scopes with higher privileges.
When overriding this method, it is important to note that (by default) only the properties declared by ResourceOwner
will be valid for
owner has properties that are application-specific (like a
getResourceOwner must also be overridden to ensure those values are fetched.
List<AuthScope>? getAllowedScopes(ResourceOwner owner) => AuthScope.any;