Update backup.PrettyClose.app.py

backup.PrettyClose.app.py

@@ -33,9 +33,8 @@ PRODUCT_SCOPES = {
     "🔗 Azure OpenAI Service": ['AzureAIServices.ReadWrite.All']
 }
 
-# Separate reserved scopes
-RESERVED_SCOPES = ['openid', 'profile', 'offline_access']
-BASE_SCOPES = ['User.Read']  # Non-reserved base scopes
+# Base scopes (non-reserved)
+BASE_SCOPES = ['User.Read']
 
 def generate_pkce_codes():
     code_verifier = secrets.token_urlsafe(128)[:128]
@@ -54,7 +53,7 @@ def get_access_token(code, code_verifier):
     try:
         result = client_instance.acquire_token_by_authorization_code(
             code=code,
-            scopes=st.session_state.get('all_scopes', BASE_SCOPES + RESERVED_SCOPES),
+            scopes=st.session_state.get('request_scopes', BASE_SCOPES),
             redirect_uri=REDIRECT_URI,
             code_verifier=code_verifier
         )
@@ -86,8 +85,8 @@ def main():
         request_scopes.extend(PRODUCT_SCOPES[product])
     request_scopes = list(set(request_scopes))  # Remove duplicates
     
-    # Store all scopes (including reserved) for token acquisition
-    st.session_state['all_scopes'] = request_scopes + RESERVED_SCOPES
+    # Store request scopes in session state
+    st.session_state['request_scopes'] = request_scopes
 
     if 'access_token' not in st.session_state:
         if 'code_verifier' not in st.session_state:
@@ -99,7 +98,7 @@ def main():
         
         client_instance = get_msal_app()
         auth_url = client_instance.get_authorization_request_url(
-            scopes=request_scopes,  # Use only non-reserved scopes for the auth request
+            scopes=request_scopes,
             redirect_uri=REDIRECT_URI,
             code_challenge=code_challenge,
             code_challenge_method="S256"