-
-
Notifications
You must be signed in to change notification settings - Fork 8
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
@fastify/oauth2 - Is it possible to request an additional scope programmatically for oAuth Github #900
Comments
Shouldnt it be possible to call token.refresh({scope}) and specify your additional scope? |
@Uzlopak It seems that |
I checked it. The issue is, that simple-oauth does not provide the typings within the npm package. Also it seems, that simple-oauth wants to keep the typings maintained by definetly typed. If we want to make the typings stronger, we would either integrate the simple-oauth2 typings from definetly typed, which is not really preferable or add the typings as production dependency, which would mean that the typings are also installed when running the code in production, which is also not that preferable. But the refresh function exists on the token-object. So you could actually call refresh. Be aware, that you probably would get a new access token with the smaller scope, if you dont specify the scopes you already have. I dont know if simple-oauth would result in redirecting the SPA to the Authorization Server so that you could approve scopes, which you didnt approve at login time. If not, than it is a limitation of simple-oauth2 and would need a patch upstream to enable that. |
The problem is, I tried calling |
I am now in the tram and not on my PC. But if have the code of simple-oauth2 correctly in mind, you are accessing the .token attribute of the AccessToken-Instance, by doing const { token } = ... Do instead const token = Than you should have refresh() |
Ah, gotcha ya. I'll ping you back also once I'm back from work and let you know if it worked. Thanks for help again, getting back to you soon. |
Hey folks. I'm using
@fastify/oauth2
and it works flawlessly for many months now. I'd like to implement a feature in the platform I'm building, where our users could sync their public github repositories with their profiles.Whatsoever, my fastify/oauth2 by default is configured with only 2 scopes that I really need for authentication:
As you can see, I only request a user email and profile when users are authenticating. Whatsoever, I'd like to request a
repo
scope only if the users actually decide to sync their repositories. In simple words, I don't want to ask users forrepo
scope when they are logging in, as I don't know if they will ever want to sync the actual repositories.So the question is, is it possible to request this additional scope when requesting a new token using some of the methods from the library. I've checked the types of all the existing methods, and it doesn't seem like it. In simple words, when users in my platform click "Sync repositories", I'd like to invoke an oauth flow where I only request a
repo
scope to perform that action.Thanks in advance,
Alex
The text was updated successfully, but these errors were encountered: