Merge branch 'FTS-1670' into 'develop'

Add wlcg.groups scope when exchanging a token

Closes FTS-1670

......@@ -220,10 +220,13 @@ class FTS3OAuth2ResourceProvider(ResourceProvider):
if 'wlcg' in credential['iss']:
# Hardcoded scope and audience for wlcg tokens. To change once the wlcg standard evolves
scope = 'offline_access openid storage.modify:/'
scope = 'offline_access openid storage.modify:/ wlcg.groups'
audience = ''
access_token, refresh_token = oidc_manager.generate_token_with_scope(credential['iss'],
access_token, scope, audience)
refresh_token = oidc_manager.generate_refresh_token(credential['iss'], access_token)
except Exception:
