Bug 1912556 - Remove offline_access from the OAuth scopes we request from Microsoft. r=tobyp

Differential Revision: https://phabricator.services.mozilla.com/D219072

--HG--
extra : rebase_source : 881f7b9d09f7799f5e0844f25e48e8646e34cc34

mailnews/base/src/OAuth2.sys.mjs

@@ -384,7 +384,7 @@ OAuth2.prototype = {
         if ("scope" in result && this.scope != result.scope) {
           const deltaScope = this.scope
             .split(" ")
-            .some(s => !result.scope.includes(s));
+            .some(s => !result.scope.split(" ").includes(s));
           if (deltaScope) {
             this.log.warn(
               `Scope "${this.scope}" was requested, but "${result.scope}" was granted`

mailnews/base/src/OAuth2Providers.sys.mjs

@@ -18,7 +18,7 @@ const FASTMAIL_SCOPES =
   "https://www.fastmail.com/dev/protocol-imap https://www.fastmail.com/dev/protocol-pop https://www.fastmail.com/dev/protocol-smtp https://www.fastmail.com/dev/protocol-carddav https://www.fastmail.com/dev/protocol-caldav";
 const COMCAST_SCOPES = "https://email.comcast.net/ profile openid";
 const MICROSOFT_SCOPES =
-  "https://outlook.office.com/IMAP.AccessAsUser.All https://outlook.office.com/POP.AccessAsUser.All https://outlook.office.com/EWS.AccessAsUser.All https://outlook.office.com/SMTP.Send offline_access";
+  "https://outlook.office.com/IMAP.AccessAsUser.All https://outlook.office.com/POP.AccessAsUser.All https://outlook.office.com/EWS.AccessAsUser.All https://outlook.office.com/SMTP.Send";
 
 /**
  * Map of hostnames to [issuer, scope].