From 01704d698a6217ed7a74b3bcdb5a42e5bcfc4eb1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Arthur=20Parient=C3=A9?=
 <41431456+arthurpar06@users.noreply.github.com>
Date: Mon, 15 Jul 2024 20:13:34 +0200
Subject: [PATCH] Allow OAuth Scopes customization (#1829)

Co-authored-by: Nabeel S. <nabeelio@users.noreply.github.com>
---
 app/Http/Controllers/Auth/OAuthController.php | 17 ++++++++++++++---
 config/services.php                           |  3 +++
 2 files changed, 17 insertions(+), 3 deletions(-)

diff --git a/app/Http/Controllers/Auth/OAuthController.php b/app/Http/Controllers/Auth/OAuthController.php
index 0a14465e0..0450c5e48 100644
--- a/app/Http/Controllers/Auth/OAuthController.php
+++ b/app/Http/Controllers/Auth/OAuthController.php
@@ -33,11 +33,22 @@ public function redirectToProvider(string $provider): RedirectResponse
                 if (!config('services.discord.enabled')) {
                     abort(404);
                 }
-                return Socialite::driver('discord')->scopes(['identify'])->redirect();
+
+                $requiredScopes = ['identify'];
+                $envScopes = config('services.discord.scopes', []);
+                $scopes = array_unique(array_merge($envScopes, $requiredScopes));
+
+                return Socialite::driver('discord')->scopes($scopes)->redirect();
             case 'ivao':
-                return Socialite::driver('ivao')->redirect();
+                $scopes = config('services.ivao.scopes', []);
+
+                return Socialite::driver('ivao')->scopes($scopes)->redirect();
             case 'vatsim':
-                return Socialite::driver('vatsim')->scopes(['email'])->redirect();
+                $requiredScopes = ['email'];
+                $envScopes = config('services.vatsim.scopes', []);
+                $scopes = array_unique(array_merge($envScopes, $requiredScopes));
+
+                return Socialite::driver('vatsim')->scopes($scopes)->redirect();
             default:
                 abort(404);
         }
diff --git a/config/services.php b/config/services.php
index ad3192cc3..0ea69c421 100755
--- a/config/services.php
+++ b/config/services.php
@@ -33,6 +33,7 @@
         'enabled'       => env('DISCORD_OAUTH_ENABLED', false),
         'client_id'     => env('DISCORD_CLIENT_ID'),
         'client_secret' => env('DISCORD_CLIENT_SECRET'),
+        'scopes'        => env('DISCORD_SCOPES', '') === '' ? [] : explode(',', env('DISCORD_SCOPES', '')),
         'redirect'      => '/oauth/discord/callback',
 
         // optional
@@ -45,6 +46,7 @@
         'enabled'       => env('VATSIM_OAUTH_ENABLED', false),
         'client_id'     => env('VATSIM_CLIENT_ID'),
         'client_secret' => env('VATSIM_CLIENT_SECRET'),
+        'scopes'        => env('VATSIM_SCOPES', '') === '' ? [] : explode(',', env('VATSIM_SCOPES', '')),
         'redirect'      => '/oauth/vatsim/callback',
 
         // For local development only
@@ -55,6 +57,7 @@
         'enabled'       => env('IVAO_OAUTH_ENABLED', false),
         'client_id'     => env('IVAO_CLIENT_ID'),
         'client_secret' => env('IVAO_CLIENT_SECRET'),
+        'scopes'        => env('IVAO_SCOPES', '') === '' ? [] : explode(',', env('IVAO_SCOPES', '')),
         'redirect'      => '/oauth/ivao/callback',
     ],
 ];