Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Merge pull request #30 from famoseagle/master

Dynamic permissions in the auth params
  • Loading branch information...
commit 9ce127bb4369923c17c483b3cf3ab9dd18b7f253 2 parents cf13590 + 8d0b89e
@mkdynamic mkdynamic authored
View
3  lib/omniauth/strategies/facebook.rb
@@ -82,7 +82,7 @@ def access_token_options
end
##
- # You can pass +display+ or +state+ params to the auth request, if
+ # You can pass +display+, +state+ or +scope+ params to the auth request, if
# you need to set them dynamically. You can also set these options
# in the OmniAuth config :authorize_params option.
#
@@ -92,6 +92,7 @@ def authorize_params
super.tap do |params|
params.merge!(:display => request.params['display']) if request.params['display']
params.merge!(:state => request.params['state']) if request.params['state']
+ params.merge!(:scope => request.params['scope']) if request.params['scope']
params[:scope] ||= DEFAULT_SCOPE
end
end
View
6 spec/omniauth/strategies/facebook_spec.rb
@@ -76,6 +76,12 @@
subject.authorize_params.should be_a(Hash)
subject.authorize_params[:state].should eq('some_state')
end
+
+ it 'overrides default scope with parameter passed from request' do
+ @request.stub(:params) { { 'scope' => 'email' } }
+ subject.authorize_params.should be_a(Hash)
+ subject.authorize_params[:scope].should eq('email')
+ end
end
describe '#token_params' do
Please sign in to comment.
Something went wrong with that request. Please try again.