fix: add missing code to LambdaProxyIntegrationEvent class

src/events/http/createJWTAuthScheme.js

@@ -88,7 +88,7 @@ export default function createJWTAuthScheme(jwtOptions) {
         return h.authenticated({
           credentials: {
             claims,
-            // scopes, // this is being ignored by serverless-offline
+            scopes,
           },
         })
       } catch (err) {

src/events/http/lambda-events/LambdaProxyIntegrationEvent.js

@@ -134,8 +134,8 @@ export default class LambdaProxyIntegrationEvent {
     if (token) {
       try {
         claims = decodeJwt(token)
-        if (claims.scope) {
-          scopes = claims.scope.split(" ")
+        if (claims.scp || claims.scope) {
+          scopes = claims.scp || claims.scope.split(" ")
           // In AWS HTTP Api the scope property is removed from the decoded JWT
           // I'm leaving this property because I'm not sure how all of the authorizers
           // for AWS REST Api handle JWT.

src/events/http/lambda-events/LambdaProxyIntegrationEventV2.js

@@ -120,8 +120,8 @@ export default class LambdaProxyIntegrationEventV2 {
     if (token) {
       try {
         claims = decodeJwt(token)
-        if (claims.scope) {
-          scopes = claims.scope.split(" ")
+        if (claims.scp || claims.scope) {
+          scopes = claims.scp || claims.scope.split(" ")
           // In AWS HTTP Api the scope property is removed from the decoded JWT
           // I'm leaving this property because I'm not sure how all of the authorizers
           // for AWS REST Api handle JWT.

tests/integration/jwt-authorizer/jwt-authorizer.test.js

@@ -168,6 +168,7 @@ describe("jwt authorizer tests", function desc() {
       expected: {
         requestContext: {
           claims: oktaJWT,
+          scopes: ["email", "profile", "openid"],
         },
         status: "authorized",
       },