Refactor `scopes` parameter (#116)

* Rename scopes -> additionalScopes.

* Refactor OAuthLoginWithOptions.

* Add additionalScopes test.

* Add nil and multi-scope test variants.

* Use generics.

GoogleSignIn/Sources/GIDSignIn.m

@@ -230,14 +230,14 @@ static const NSTimeInterval kMinimumRestoredAccessTokenTimeToExpire = 600.0;
 - (void)signInWithConfiguration:(GIDConfiguration *)configuration
        presentingViewController:(UIViewController *)presentingViewController
                            hint:(nullable NSString *)hint
-                         scopes:(nullable NSArray *)scopes
+               additionalScopes:(nullable NSArray<NSString *> *)additionalScopes
                        callback:(nullable GIDSignInCallback)callback {
   GIDSignInInternalOptions *options =
     [GIDSignInInternalOptions defaultOptionsWithConfiguration:configuration
                                      presentingViewController:presentingViewController
                                                     loginHint:hint
                                                 addScopesFlow:NO
-                                                       scopes:scopes
+                                                       scopes:additionalScopes
                                                      callback:callback];
   [self signInWithOptions:options];
 }
@@ -332,14 +332,14 @@ static const NSTimeInterval kMinimumRestoredAccessTokenTimeToExpire = 600.0;
 - (void)signInWithConfiguration:(GIDConfiguration *)configuration
                presentingWindow:(NSWindow *)presentingWindow
                            hint:(nullable NSString *)hint
-                         scopes:(nullable NSArray *)scopes
+               additionalScopes:(nullable NSArray<NSString *> *)additionalScopes
                        callback:(nullable GIDSignInCallback)callback {
   GIDSignInInternalOptions *options =
     [GIDSignInInternalOptions defaultOptionsWithConfiguration:configuration
                                              presentingWindow:presentingWindow
                                                     loginHint:hint
                                                 addScopesFlow:NO
-                                                       scopes:scopes
+                                                       scopes:additionalScopes
                                                      callback:callback];
   [self signInWithOptions:options];
 }

GoogleSignIn/Sources/Public/GoogleSignIn/GIDSignIn.h

@@ -157,14 +157,14 @@ typedef void (^GIDDisconnectCallback)(NSError *_Nullable error);
 ///     iOS 9 and 10.
 /// @param hint An optional hint for the authorization server, for example the user's ID or email
 ///     address, to be prefilled if possible.
-/// @param scopes a list of initial scopes
+/// @param additionalScopes An optional array of scopes to request in addition to the basic profile scopes.
 /// @param callback The `GIDSignInCallback` block that is called on completion.  This block will be
 ///     called asynchronously on the main queue.
 
 - (void)signInWithConfiguration:(GIDConfiguration *)configuration
        presentingViewController:(UIViewController *)presentingViewController
                            hint:(nullable NSString *)hint
-                         scopes:(nullable NSArray *)scopes
+               additionalScopes:(nullable NSArray<NSString *> *)additionalScopes
                        callback:(nullable GIDSignInCallback)callback;
 
 /// Starts an interactive consent flow on iOS to add scopes to the current user's grants.
@@ -228,14 +228,14 @@ typedef void (^GIDDisconnectCallback)(NSError *_Nullable error);
 /// @param presentingWindow The window used to supply `presentationContextProvider` for `ASWebAuthenticationSession`.
 /// @param hint An optional hint for the authorization server, for example the user's ID or email
 ///     address, to be prefilled if possible.
-/// @param scopes a list of initial scopes
+/// @param additionalScopes An optional array of scopes to request in addition to the basic profile scopes.
 /// @param callback The `GIDSignInCallback` block that is called on completion.  This block will be
 ///     called asynchronously on the main queue.
 
 - (void)signInWithConfiguration:(GIDConfiguration *)configuration
                presentingWindow:(NSWindow *)presentingWindow
                            hint:(nullable NSString *)hint
-                         scopes:(nullable NSArray *)scopes
+               additionalScopes:(nullable NSArray<NSString *> *)additionalScopes
                        callback:(nullable GIDSignInCallback)callback;
 
 /// Starts an interactive consent flow on macOS to add scopes to the current user's grants.
@@ -243,7 +243,7 @@ typedef void (^GIDDisconnectCallback)(NSError *_Nullable error);
 /// The callback will be called at the end of this process.  If successful, a new `GIDGoogleUser`
 /// instance will be returned reflecting the new scopes and saved sign-in state will be updated.
 ///
-/// @param scopes The scopes to ask the user to consent to.
+/// @param scopes An array of scopes to ask the user to consent to.
 /// @param presentingWindow The window used to supply `presentationContextProvider` for `ASWebAuthenticationSession`.
 /// @param callback The `GIDSignInCallback` block that is called on completion.  This block will be
 ///     called asynchronously on the main queue.

GoogleSignIn/Tests/Unit/GIDSignInTest.m

@@ -27,7 +27,6 @@
 @import GoogleSignIn;
 
 #import "GoogleSignIn/Sources/GIDGoogleUser_Private.h"
-#import "GoogleSignIn/Sources/GIDSignInInternalOptions.h"
 #import "GoogleSignIn/Sources/GIDSignIn_Private.h"
 #import "GoogleSignIn/Sources/GIDAuthentication_Private.h"
 
@@ -470,62 +469,97 @@ static void *kTestObserverContext = &kTestObserverContext;
 }
 
 - (void)testOAuthLogin {
-  [self OAuthLoginWithOptions:nil
-                    authError:nil
-                   tokenError:nil
-      emmPasscodeInfoRequired:NO
-                keychainError:NO
-               restoredSignIn:NO
-               oldAccessToken:NO
-                  modalCancel:NO];
+  [self OAuthLoginWithAddScopesFlow:NO
+                          authError:nil
+                         tokenError:nil
+            emmPasscodeInfoRequired:NO
+                      keychainError:NO
+                     restoredSignIn:NO
+                     oldAccessToken:NO
+                        modalCancel:NO];
 }
 
 - (void)testOAuthLogin_RestoredSignIn {
-  [self OAuthLoginWithOptions:nil
-                    authError:nil
-                   tokenError:nil
-      emmPasscodeInfoRequired:NO
-                keychainError:NO
-               restoredSignIn:YES
-               oldAccessToken:NO
-                  modalCancel:NO];
+  [self OAuthLoginWithAddScopesFlow:NO
+                          authError:nil
+                         tokenError:nil
+            emmPasscodeInfoRequired:NO
+                      keychainError:NO
+                     restoredSignIn:YES
+                     oldAccessToken:NO
+                        modalCancel:NO];
 }
 
 - (void)testOAuthLogin_RestoredSignInOldAccessToken {
-  [self OAuthLoginWithOptions:nil
-                    authError:nil
-                   tokenError:nil
-      emmPasscodeInfoRequired:NO
-                keychainError:NO
-               restoredSignIn:YES
-               oldAccessToken:YES
-                  modalCancel:NO];
+  [self OAuthLoginWithAddScopesFlow:NO
+                          authError:nil
+                         tokenError:nil
+            emmPasscodeInfoRequired:NO
+                      keychainError:NO
+                     restoredSignIn:YES
+                     oldAccessToken:YES
+                        modalCancel:NO];
+}
+
+- (void)testOAuthLogin_AdditionalScopes {
+  NSString *expectedScopeString;
+  
+  [self OAuthLoginWithAddScopesFlow:NO
+                          authError:nil
+                         tokenError:nil
+            emmPasscodeInfoRequired:NO
+                      keychainError:NO
+                     restoredSignIn:NO
+                     oldAccessToken:NO
+                        modalCancel:NO
+                useAdditionalScopes:YES
+                   additionalScopes:nil];
+
+  expectedScopeString = [@[ @"email", @"profile" ] componentsJoinedByString:@" "];
+  XCTAssertEqualObjects(_savedAuthorizationRequest.scope, expectedScopeString);
+
+  [self OAuthLoginWithAddScopesFlow:NO
+                          authError:nil
+                         tokenError:nil
+            emmPasscodeInfoRequired:NO
+                      keychainError:NO
+                     restoredSignIn:NO
+                     oldAccessToken:NO
+                        modalCancel:NO
+                useAdditionalScopes:YES
+                   additionalScopes:@[ kScope ]];
+
+  expectedScopeString = [@[ kScope, @"email", @"profile" ] componentsJoinedByString:@" "];
+  XCTAssertEqualObjects(_savedAuthorizationRequest.scope, expectedScopeString);
+
+  [self OAuthLoginWithAddScopesFlow:NO
+                          authError:nil
+                         tokenError:nil
+            emmPasscodeInfoRequired:NO
+                      keychainError:NO
+                     restoredSignIn:NO
+                     oldAccessToken:NO
+                        modalCancel:NO
+                useAdditionalScopes:YES
+                   additionalScopes:@[ kScope, kScope2 ]];
+
+  expectedScopeString = [@[ kScope, kScope2, @"email", @"profile" ] componentsJoinedByString:@" "];
+  XCTAssertEqualObjects(_savedAuthorizationRequest.scope, expectedScopeString);
 }
 
 - (void)testAddScopes {
   // Restore the previous sign-in account. This is the preparation for adding scopes.
-  [self OAuthLoginWithOptions:nil
-                    authError:nil
-                   tokenError:nil
-      emmPasscodeInfoRequired:NO
-                keychainError:NO
-               restoredSignIn:YES
-               oldAccessToken:NO
-                  modalCancel:NO];
+  [self OAuthLoginWithAddScopesFlow:NO
+                          authError:nil
+                         tokenError:nil
+            emmPasscodeInfoRequired:NO
+                      keychainError:NO
+                     restoredSignIn:YES
+                     oldAccessToken:NO
+                        modalCancel:NO];
 
   XCTAssertNotNil(_signIn.currentUser);
 
-
-  GIDSignInInternalOptions *options = [GIDSignInInternalOptions defaultOptionsWithConfiguration:nil
-#if TARGET_OS_IOS || TARGET_OS_MACCATALYST
-                                                                       presentingViewController:nil
-#elif TARGET_OS_OSX
-                                                                               presentingWindow:nil
-#endif
-                                                                                      loginHint:nil
-                                                                                  addScopesFlow:YES
-                                                                                       callback:nil];
-
   id profile = OCMStrictClassMock([GIDProfileData class]);
   OCMStub([profile email]).andReturn(kUserEmail);
 
@@ -538,14 +572,14 @@ static void *kTestObserverContext = &kTestObserverContext;
   OCMStub([_user profile]).andReturn(profile);
   OCMStub([_user grantedScopes]).andReturn(@[kGrantedScope]);
 
-  [self OAuthLoginWithOptions:options
-                    authError:nil
-                   tokenError:nil
-      emmPasscodeInfoRequired:NO
-                keychainError:NO
-               restoredSignIn:NO
-               oldAccessToken:NO
-                  modalCancel:NO];
+  [self OAuthLoginWithAddScopesFlow:YES
+                          authError:nil
+                         tokenError:nil
+            emmPasscodeInfoRequired:NO
+                      keychainError:NO
+                     restoredSignIn:NO
+                     oldAccessToken:NO
+                        modalCancel:NO];
 
   NSArray<NSString *> *grantedScopes;
   NSString *grantedScopeString = _savedAuthorizationRequest.scope;
@@ -573,14 +607,14 @@ static void *kTestObserverContext = &kTestObserverContext;
                                                  hostedDomain:nil
                                                   openIDRealm:kOpenIDRealm];
 
-  [self OAuthLoginWithOptions:nil
-                    authError:nil
-                   tokenError:nil
-      emmPasscodeInfoRequired:NO
-                keychainError:NO
-               restoredSignIn:NO
-               oldAccessToken:NO
-                  modalCancel:NO];
+  [self OAuthLoginWithAddScopesFlow:NO
+                          authError:nil
+                         tokenError:nil
+            emmPasscodeInfoRequired:NO
+                      keychainError:NO
+                     restoredSignIn:NO
+                     oldAccessToken:NO
+                        modalCancel:NO];
 
   NSDictionary<NSString *, NSString *> *params = _savedTokenRequest.additionalParameters;
   XCTAssertEqual(params[kOpenIDRealmKey], kOpenIDRealm, @"OpenID Realm should match.");
@@ -589,14 +623,14 @@ static void *kTestObserverContext = &kTestObserverContext;
 - (void)testOAuthLogin_LoginHint {
   _hint = kUserEmail;
 
-  [self OAuthLoginWithOptions:nil
-                    authError:nil
-                   tokenError:nil
-      emmPasscodeInfoRequired:NO
-                keychainError:NO
-               restoredSignIn:NO
-               oldAccessToken:NO
-                  modalCancel:NO];
+  [self OAuthLoginWithAddScopesFlow:NO
+                          authError:nil
+                         tokenError:nil
+            emmPasscodeInfoRequired:NO
+                      keychainError:NO
+                     restoredSignIn:NO
+                     oldAccessToken:NO
+                        modalCancel:NO];
 
   NSDictionary<NSString *, NSObject *> *params = _savedAuthorizationRequest.additionalParameters;
   XCTAssertEqualObjects(params[@"login_hint"], kUserEmail, @"login hint should match");
@@ -608,56 +642,56 @@ static void *kTestObserverContext = &kTestObserverContext;
                                                  hostedDomain:kHostedDomain
                                                   openIDRealm:nil];
 
-  [self OAuthLoginWithOptions:nil
-                    authError:nil
-                   tokenError:nil
-      emmPasscodeInfoRequired:NO
-                keychainError:NO
-               restoredSignIn:NO
-               oldAccessToken:NO
-                  modalCancel:NO];
+  [self OAuthLoginWithAddScopesFlow:NO
+                          authError:nil
+                         tokenError:nil
+            emmPasscodeInfoRequired:NO
+                      keychainError:NO
+                     restoredSignIn:NO
+                     oldAccessToken:NO
+                        modalCancel:NO];
 
   NSDictionary<NSString *, NSObject *> *params = _savedAuthorizationRequest.additionalParameters;
   XCTAssertEqualObjects(params[@"hd"], kHostedDomain, @"hosted domain should match");
 }
 
 - (void)testOAuthLogin_ConsentCanceled {
-  [self OAuthLoginWithOptions:nil
-                    authError:@"access_denied"
-                   tokenError:nil
-      emmPasscodeInfoRequired:NO
-                keychainError:NO
-               restoredSignIn:NO
-               oldAccessToken:NO
-                  modalCancel:NO];
+  [self OAuthLoginWithAddScopesFlow:NO
+                          authError:@"access_denied"
+                         tokenError:nil
+            emmPasscodeInfoRequired:NO
+                      keychainError:NO
+                     restoredSignIn:NO
+                     oldAccessToken:NO
+                        modalCancel:NO];
   [self waitForExpectationsWithTimeout:1 handler:nil];
   XCTAssertTrue(_callbackCalled, @"should call delegate");
   XCTAssertEqual(_authError.code, kGIDSignInErrorCodeCanceled);
 }
 
 - (void)testOAuthLogin_ModalCanceled {
-  [self OAuthLoginWithOptions:nil
-                    authError:nil
-                   tokenError:nil
-      emmPasscodeInfoRequired:NO
-                keychainError:NO
-               restoredSignIn:NO
-               oldAccessToken:NO
-                  modalCancel:YES];
+  [self OAuthLoginWithAddScopesFlow:NO
+                          authError:nil
+                         tokenError:nil
+            emmPasscodeInfoRequired:NO
+                      keychainError:NO
+                     restoredSignIn:NO
+                     oldAccessToken:NO
+                        modalCancel:YES];
   [self waitForExpectationsWithTimeout:1 handler:nil];
   XCTAssertTrue(_callbackCalled, @"should call delegate");
   XCTAssertEqual(_authError.code, kGIDSignInErrorCodeCanceled);
 }
 
 - (void)testOAuthLogin_KeychainError {
-  [self OAuthLoginWithOptions:nil
-                    authError:nil
-                   tokenError:nil
-      emmPasscodeInfoRequired:NO
-                keychainError:YES
-               restoredSignIn:NO
-               oldAccessToken:NO
-                  modalCancel:NO];
+  [self OAuthLoginWithAddScopesFlow:NO
+                          authError:nil
+                         tokenError:nil
+            emmPasscodeInfoRequired:NO
+                      keychainError:YES
+                     restoredSignIn:NO
+                     oldAccessToken:NO
+                        modalCancel:NO];
   [self waitForExpectationsWithTimeout:1 handler:nil];
   XCTAssertFalse(_keychainSaved, @"should save to keychain");
   XCTAssertTrue(_callbackCalled, @"should call delegate");
@@ -667,14 +701,14 @@ static void *kTestObserverContext = &kTestObserverContext;
 
 - (void)testSignOut {
   // Sign in a user so that we can then sign them out.
-  [self OAuthLoginWithOptions:nil
-                    authError:nil
-                   tokenError:nil
-      emmPasscodeInfoRequired:NO
-                keychainError:NO
-               restoredSignIn:YES
-               oldAccessToken:NO
-                  modalCancel:NO];
+  [self OAuthLoginWithAddScopesFlow:NO
+                          authError:nil
+                         tokenError:nil
+            emmPasscodeInfoRequired:NO
+                      keychainError:NO
+                     restoredSignIn:YES
+                     oldAccessToken:NO
+                        modalCancel:NO];
 
   XCTAssertNotNil(_signIn.currentUser);
 
@@ -906,14 +940,14 @@ static void *kTestObserverContext = &kTestObserverContext;
 #if TARGET_OS_IOS
 
 - (void)testEmmSupportRequestParameters {
-  [self OAuthLoginWithOptions:nil
-                    authError:nil
-                   tokenError:nil
-      emmPasscodeInfoRequired:NO
-                keychainError:NO
-               restoredSignIn:NO
-               oldAccessToken:NO
-                  modalCancel:NO];
+  [self OAuthLoginWithAddScopesFlow:NO
+                          authError:nil
+                         tokenError:nil
+            emmPasscodeInfoRequired:NO
+                      keychainError:NO
+                     restoredSignIn:NO
+                     oldAccessToken:NO
+                        modalCancel:NO];
 
   NSString *systemName = [UIDevice currentDevice].systemName;
   if ([systemName isEqualToString:@"iPhone OS"]) {
@@ -951,14 +985,14 @@ static void *kTestObserverContext = &kTestObserverContext;
 }
 
 - (void)testEmmPasscodeInfo {
-  [self OAuthLoginWithOptions:nil
-                    authError:nil
-                   tokenError:nil
-      emmPasscodeInfoRequired:YES
-                keychainError:NO
-               restoredSignIn:NO
-               oldAccessToken:NO
-                  modalCancel:NO];
+  [self OAuthLoginWithAddScopesFlow:NO
+                          authError:nil
+                         tokenError:nil
+            emmPasscodeInfoRequired:YES
+                      keychainError:NO
+                     restoredSignIn:NO
+                     oldAccessToken:NO
+                        modalCancel:NO];
   NSDictionary<NSString *, NSString *> *tokenParams = _savedTokenRequest.additionalParameters;
   if (_isEligibleForEMM) {
     XCTAssertNotNil(tokenParams[@"emm_passcode_info"],
@@ -982,14 +1016,14 @@ static void *kTestObserverContext = &kTestObserverContext;
       handleErrorFromResponse:callbackParams completion:SAVE_TO_ARG_BLOCK(completion)];
 
 
-  [self OAuthLoginWithOptions:nil
-                    authError:callbackParams[@"error"]
-                   tokenError:nil
-      emmPasscodeInfoRequired:NO
-                keychainError:NO
-               restoredSignIn:NO
-               oldAccessToken:NO
-                  modalCancel:NO];
+  [self OAuthLoginWithAddScopesFlow:NO
+                          authError:callbackParams[@"error"]
+                         tokenError:nil
+            emmPasscodeInfoRequired:NO
+                      keychainError:NO
+                     restoredSignIn:NO
+                     oldAccessToken:NO
+                        modalCancel:NO];
 
   [mockEMMErrorHandler verify];
   [mockEMMErrorHandler stopMocking];
@@ -1019,14 +1053,14 @@ static void *kTestObserverContext = &kTestObserverContext;
                                           completion:SAVE_TO_ARG_BLOCK(completion)];
 
 
-  [self OAuthLoginWithOptions:nil
-                    authError:nil
-                   tokenError:emmError
-      emmPasscodeInfoRequired:NO
-                keychainError:NO
-               restoredSignIn:NO
-               oldAccessToken:NO
-                  modalCancel:NO];
+  [self OAuthLoginWithAddScopesFlow:NO
+                          authError:nil
+                         tokenError:emmError
+            emmPasscodeInfoRequired:NO
+                      keychainError:NO
+                     restoredSignIn:NO
+                     oldAccessToken:NO
+                        modalCancel:NO];
 
   NSError *handledError = [NSError errorWithDomain:kGIDSignInErrorDomain
                                               code:kGIDSignInErrorCodeEMM
@@ -1096,15 +1130,37 @@ static void *kTestObserverContext = &kTestObserverContext;
   XCTAssertTrue(_keychainRemoved, @"should clear saved keychain name");
 }
 
+- (void)OAuthLoginWithAddScopesFlow:(BOOL)addScopesFlow
+                          authError:(NSString *)authError
+                         tokenError:(NSError *)tokenError
+            emmPasscodeInfoRequired:(BOOL)emmPasscodeInfoRequired
+                      keychainError:(BOOL)keychainError
+                     restoredSignIn:(BOOL)restoredSignIn
+                     oldAccessToken:(BOOL)oldAccessToken
+                        modalCancel:(BOOL)modalCancel {
+  [self OAuthLoginWithAddScopesFlow:addScopesFlow
+                          authError:authError
+                         tokenError:tokenError
+            emmPasscodeInfoRequired:emmPasscodeInfoRequired
+                      keychainError:keychainError
+                     restoredSignIn:restoredSignIn
+                     oldAccessToken:oldAccessToken
+                        modalCancel:modalCancel
+                useAdditionalScopes:NO
+                   additionalScopes:nil];
+}
+
 // The authorization flow with parameters to control which branches to take.
-- (void)OAuthLoginWithOptions:(GIDSignInInternalOptions *)options
-                    authError:(NSString *)authError
-                   tokenError:(NSError *)tokenError
-      emmPasscodeInfoRequired:(BOOL)emmPasscodeInfoRequired
-                keychainError:(BOOL)keychainError
-               restoredSignIn:(BOOL)restoredSignIn
-               oldAccessToken:(BOOL)oldAccessToken
-                  modalCancel:(BOOL)modalCancel {
+- (void)OAuthLoginWithAddScopesFlow:(BOOL)addScopesFlow
+                          authError:(NSString *)authError
+                         tokenError:(NSError *)tokenError
+            emmPasscodeInfoRequired:(BOOL)emmPasscodeInfoRequired
+                      keychainError:(BOOL)keychainError
+                     restoredSignIn:(BOOL)restoredSignIn
+                     oldAccessToken:(BOOL)oldAccessToken
+                        modalCancel:(BOOL)modalCancel
+                useAdditionalScopes:(BOOL)useAdditionalScopes
+                   additionalScopes:(NSArray *)additionalScopes {
   if (restoredSignIn) {
     // clearAndAuthenticateWithOptions
     [[[_authorization expect] andReturn:_authState] authState];
@@ -1161,7 +1217,7 @@ static void *kTestObserverContext = &kTestObserverContext;
       self->_callbackCalled = YES;
       self->_authError = error;
     };
-    if (options.addScopesFlow) {
+    if (addScopesFlow) {
       [_signIn addScopes:@[kNewScope]
 #if TARGET_OS_IOS || TARGET_OS_MACCATALYST
         presentingViewController:_presentingViewController
@@ -1170,14 +1226,26 @@ static void *kTestObserverContext = &kTestObserverContext;
 #endif
                 callback:callback];
     } else {
-      [_signIn signInWithConfiguration:_configuration
+      if (useAdditionalScopes) {
+        [_signIn signInWithConfiguration:_configuration
 #if TARGET_OS_IOS || TARGET_OS_MACCATALYST
-              presentingViewController:_presentingViewController
+                presentingViewController:_presentingViewController
 #elif TARGET_OS_OSX
-                      presentingWindow:_presentingWindow
+                        presentingWindow:_presentingWindow
 #endif
-                                  hint:_hint
-                              callback:callback];
+                                    hint:_hint
+                        additionalScopes:additionalScopes
+                                callback:callback];
+      } else {
+        [_signIn signInWithConfiguration:_configuration
+#if TARGET_OS_IOS || TARGET_OS_MACCATALYST
+                presentingViewController:_presentingViewController
+#elif TARGET_OS_OSX
+                        presentingWindow:_presentingWindow
+#endif
+                                    hint:_hint
+                                callback:callback];
+      }
     }
 
     [_authorization verify];
@@ -1257,7 +1325,7 @@ static void *kTestObserverContext = &kTestObserverContext;
   if (keychainError) {
     _saveAuthorizationReturnValue = NO;
   } else {
-    if (options.addScopesFlow) {
+    if (addScopesFlow) {
       [[_user expect] updateAuthState:SAVE_TO_ARG_BLOCK(authState)
                           profileData:SAVE_TO_ARG_BLOCK(profileData)];
     } else {
@@ -1298,7 +1366,7 @@ static void *kTestObserverContext = &kTestObserverContext;
   _keychainSaved = NO;
   _authError = nil;
 
-  if (!options.addScopesFlow) {
+  if (!addScopesFlow) {
     [[[_user expect] andReturn:_authentication] authentication];
     [[[_user expect] andReturn:_authentication] authentication];
   }