Is there an existing issue for this?

• I have searched the existing issues

Current Behavior

In the setup wizard for generic OAuth authentication, the default scope looks like this:
image

Oauth specs call for the scopes to be separated by spaces, and when this default is left in place, we get the following response from the auth provider:

GET
 https://<lowcoderURL>/user/auth/oauth/redirect?error=invalid_client&error_description=AADSTS650053: The application 'OIDCName' asked for scope 'openid,profile,email,offline_access' that doesn't exist on the resource '00000003-0000-0000-c000-000000000000'. Contact the app vendor. Trace ID: 31462217-5a92-430c-8ec7-1c2b20aea000 Correlation ID: 889b6cd1-3ac2-45ae-8f02-32a523f7fab4 Timestamp: 2024年05月28日 18:26:48Z&state=f81bc204

It appears the process to replace the comma-separated list with spaces isn't working as intended.

Expected Behavior

Scope is sent to the provider as:
openid profile email offline_access

Steps to reproduce

Configure a generic oauth provider, keeping the scope as provided by default. Attempt an authentication session, and the response in the dev console will include the above error.

Environment

docker multi-image deployment on enterprise linux

Additional Information

No response