Support for specifying a custom scope

Since several people have had issues with OAuth2 providers requring a specific ‘scope’ value:

https://twitter.com/jmccartie/status/997557366416592896

I went ahead and added support for specifying a custom scope:

https://github.com/discourse/discourse-oauth2-basic/commit/04ef6494de4f1e0d7f34680c1ddf9bfe4cef8f0a

All you need to do now is specify the scope you want to use in the “oauth2 scope” site setting field.

Enjoy!

7 Likes

How is this scope being sent? I was expecting it to be a GET param, e.g. https://www.myserver.org/path/to/authorize?client_id=CLIENT_ID&redirect_uri=REDIRECT_URI&response_type=code&state=STATE_ID&scope=login, but after setting what seems like the right configs…

… I don’t see the scope param getting included in the oauth2 authorize url when users click the OAuth login button.

Try resetting oauth2 authorize options to the default (“scope”), and then set oauth2 scope to login.

2 Likes

Thanks, that did it! Figured I was confused about something.