Diffstat (limited to 'src/auth')
-rw-r--r--src/auth/db-oauth2.c10
-rw-r--r--src/auth/mech-oauth2.c2
2 files changed, 8 insertions, 4 deletions
diff --git a/src/auth/db-oauth2.c b/src/auth/db-oauth2.c
index b36a4ce..d5ef604 100644
--- a/src/auth/db-oauth2.c
+++ b/src/auth/db-oauth2.c
@@ -3,6 +3,7 @@
#include "auth-common.h"
#include "array.h"
#include "str.h"
+#include "strescape.h"
#include "var-expand.h"
#include "env-util.h"
#include "var-expand.h"
@@ -650,7 +651,8 @@ db_oauth2_token_in_scope(struct db_oauth2_request *req,
if (*req->db->set.scope != '\0') {
bool found = FALSE;
const char *value = auth_fields_find(req->fields, "scope");
- if (value == NULL)
+ bool has_scope = value != NULL;
+ if (!has_scope)
value = auth_fields_find(req->fields, "aud");
e_debug(authdb_event(req->auth_request),
"Token scope(s): %s",
@@ -658,9 +660,11 @@ db_oauth2_token_in_scope(struct db_oauth2_request *req,
if (value != NULL) {
const char **wanted_scopes =
t_strsplit_spaces(req->db->set.scope, " ");
- const char **scopes = t_strsplit_spaces(value, " ");
+ const char *const *entries = has_scope ?
+ t_strsplit_spaces(value, " ") :
+ t_strsplit_tabescaped(value);
for (; !found && *wanted_scopes != NULL; wanted_scopes++)
- found = str_array_find(scopes, *wanted_scopes);
+ found = str_array_find(entries, *wanted_scopes);
}
if (!found) {
*error_r = t_strdup_printf("Token is not valid for scope '%s'",
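Review bot: The choice between `t_strsplit_spaces()` and `t_strsplit_tabescaped()` has no comment explaining why the two fields are parsed differently, and the `has_scope` flag that drives it is set in the previous hunk. I would add above the `entries` declaration something like `/* "scope" is a space-separated string; "aud" is presumably stored tab-escaped when the token carries an array - confirm */`. It is also worth confirming that a single-string `aud` reaches this point in the same tab-escaped form, since otherwise the unescaping could alter the value being compared. Because this comparison gates token acceptance, a test with a multi-valued `aud` would pin the behaviour. The enclosing function starts and ends outside the hunk.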
diff --git a/src/auth/mech-oauth2.c b/src/auth/mech-oauth2.c
index dae5632..fc62248 100644
--- a/src/auth/mech-oauth2.c
+++ b/src/auth/mech-oauth2.c
@@ -26,7 +26,7 @@ static bool oauth2_find_oidc_url(struct auth_request *req, const char **url_r)
for (; db != NULL; db = db->next) {
if (strcmp(db->passdb->iface.name, "oauth2") == 0) {
const char *url =
- passdb_oauth2_get_oidc_url(req->passdb->passdb);
+ passdb_oauth2_get_oidc_url(db->passdb);
if (url == NULL || *url == '\0')
continue;
*url_r = url;
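Review bot: With `db->passdb` now used inside the loop, the function returns the URL of the first oauth2 passdb that has one configured, which is not necessarily the passdb that later validates the token; that selection rule is undocumented. A comment above the loop such as `/* use the OIDC URL of the first oauth2 passdb that has one configured */` would make this explicit for deployments with several oauth2 passdbs. The loop's initialisation and the rest of oauth2_find_oidc_url are outside the hunk, so where `db` starts is inferred.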