Allow OAuth Scopes customization (nabeelio#1829)

Co-authored-by: Nabeel S. <[email protected]>
arthurpar06 · Jul 15, 2024 · 01704d6 · 01704d6
1 parent 912331c
commit 01704d6
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 3 deletions.
diff --git a/app/Http/Controllers/Auth/OAuthController.php b/app/Http/Controllers/Auth/OAuthController.php
@@ -33,11 +33,22 @@ public function redirectToProvider(string $provider): RedirectResponse
                 if (!config('services.discord.enabled')) {
                     abort(404);
                 }
-                return Socialite::driver('discord')->scopes(['identify'])->redirect();
+
+                $requiredScopes = ['identify'];
+                $envScopes = config('services.discord.scopes', []);
+                $scopes = array_unique(array_merge($envScopes, $requiredScopes));
+
+                return Socialite::driver('discord')->scopes($scopes)->redirect();
             case 'ivao':
-                return Socialite::driver('ivao')->redirect();
+                $scopes = config('services.ivao.scopes', []);
+
+                return Socialite::driver('ivao')->scopes($scopes)->redirect();
             case 'vatsim':
-                return Socialite::driver('vatsim')->scopes(['email'])->redirect();
+                $requiredScopes = ['email'];
+                $envScopes = config('services.vatsim.scopes', []);
+                $scopes = array_unique(array_merge($envScopes, $requiredScopes));
+
+                return Socialite::driver('vatsim')->scopes($scopes)->redirect();
             default:
                 abort(404);
         }

diff --git a/config/services.php b/config/services.php
@@ -33,6 +33,7 @@
         'enabled'       => env('DISCORD_OAUTH_ENABLED', false),
         'client_id'     => env('DISCORD_CLIENT_ID'),
         'client_secret' => env('DISCORD_CLIENT_SECRET'),
+        'scopes'        => env('DISCORD_SCOPES', '') === '' ? [] : explode(',', env('DISCORD_SCOPES', '')),
         'redirect'      => '/oauth/discord/callback',
 
         // optional
@@ -45,6 +46,7 @@
         'enabled'       => env('VATSIM_OAUTH_ENABLED', false),
         'client_id'     => env('VATSIM_CLIENT_ID'),
         'client_secret' => env('VATSIM_CLIENT_SECRET'),
+        'scopes'        => env('VATSIM_SCOPES', '') === '' ? [] : explode(',', env('VATSIM_SCOPES', '')),
         'redirect'      => '/oauth/vatsim/callback',
 
         // For local development only
@@ -55,6 +57,7 @@
         'enabled'       => env('IVAO_OAUTH_ENABLED', false),
         'client_id'     => env('IVAO_CLIENT_ID'),
         'client_secret' => env('IVAO_CLIENT_SECRET'),
+        'scopes'        => env('IVAO_SCOPES', '') === '' ? [] : explode(',', env('IVAO_SCOPES', '')),
         'redirect'      => '/oauth/ivao/callback',
     ],
 ];