From 4de26841470ccae8eb879912e23ac8818747a2cc Mon Sep 17 00:00:00 2001
From: Peter Rowlands <peter@pmrowla.com>
Date: Fri, 19 Jun 2015 00:04:23 +0900
Subject: [PATCH 1/2] Allow user to specify AUTH_PARAMS settings for OAuth
 providers

---
 allauth/socialaccount/providers/oauth/client.py   |  3 ++-
 allauth/socialaccount/providers/oauth/provider.py | 13 +++++++++++++
 allauth/socialaccount/providers/oauth/views.py    |  3 ++-
 3 files changed, 17 insertions(+), 2 deletions(-)

diff --git a/allauth/socialaccount/providers/oauth/client.py b/allauth/socialaccount/providers/oauth/client.py
index 4dbbe9d65d..5f4e60459a 100644
--- a/allauth/socialaccount/providers/oauth/client.py
+++ b/allauth/socialaccount/providers/oauth/client.py
@@ -133,7 +133,7 @@ def is_valid(self):
             return False
         return True
 
-    def get_redirect(self, authorization_url):
+    def get_redirect(self, authorization_url, extra_params):
         """
         Returns a ``HttpResponseRedirect`` object to redirect the user
         to the URL the OAuth provider handles authorization.
@@ -142,6 +142,7 @@ def get_redirect(self, authorization_url):
         params = {'oauth_token': request_token['oauth_token'],
                   'oauth_callback': self.request.build_absolute_uri(
                       self.callback_url)}
+        params.update(extra_params)
         url = authorization_url + '?' + urlencode(params)
         return HttpResponseRedirect(url)
 
diff --git a/allauth/socialaccount/providers/oauth/provider.py b/allauth/socialaccount/providers/oauth/provider.py
index ba484f2595..8e25f656ad 100644
--- a/allauth/socialaccount/providers/oauth/provider.py
+++ b/allauth/socialaccount/providers/oauth/provider.py
@@ -1,3 +1,8 @@
+try:
+    from urllib.parse import parse_qsl
+except ImportError:
+    from urlparse import parse_qsl
+
 from django.core.urlresolvers import reverse
 from django.utils.http import urlencode
 
@@ -12,6 +17,14 @@ def get_login_url(self, request, **kwargs):
             url = url + '?' + urlencode(kwargs)
         return url
 
+    def get_auth_params(self, request, action):
+        settings = self.get_settings()
+        ret = settings.get('AUTH_PARAMS', {})
+        dynamic_auth_params = request.GET.get('auth_params', None)
+        if dynamic_auth_params:
+            ret.update(dict(parse_qsl(dynamic_auth_params)))
+        return ret
+
     def get_auth_url(self, request, action):
         # TODO: This is ugly. Move authorization_url away from the
         # adapter into the provider. Hmpf, the line between
diff --git a/allauth/socialaccount/providers/oauth/views.py b/allauth/socialaccount/providers/oauth/views.py
index 653b680e5d..4be0126e26 100644
--- a/allauth/socialaccount/providers/oauth/views.py
+++ b/allauth/socialaccount/providers/oauth/views.py
@@ -57,9 +57,10 @@ def dispatch(self, request):
         provider = self.adapter.get_provider()
         auth_url = provider.get_auth_url(request,
                                          action) or self.adapter.authorize_url
+        auth_params = provider.get_auth_params(request, action)
         client = self._get_client(request, callback_url)
         try:
-            return client.get_redirect(auth_url)
+            return client.get_redirect(auth_url, auth_params)
         except OAuthError as e:
             return render_authentication_error(request,
                                                self.adapter.provider_id,

From eb5d237bb60b22b3556bfd925191c40424c89f53 Mon Sep 17 00:00:00 2001
From: Peter Rowlands <peter@pmrowla.com>
Date: Fri, 19 Jun 2015 00:15:37 +0900
Subject: [PATCH 2/2] Set app permissions parameter for flickr

fixes #618
---
 .../socialaccount/providers/flickr/provider.py   |  7 +++++++
 docs/providers.rst                               | 16 ++++++++++++++++
 2 files changed, 23 insertions(+)

diff --git a/allauth/socialaccount/providers/flickr/provider.py b/allauth/socialaccount/providers/flickr/provider.py
index 5d653afc63..7105264da5 100644
--- a/allauth/socialaccount/providers/flickr/provider.py
+++ b/allauth/socialaccount/providers/flickr/provider.py
@@ -28,6 +28,13 @@ def get_default_scope(self):
         scope = []
         return scope
 
+    def get_auth_params(self, request, action):
+        ret = super(FlickrProvider, self).get_auth_params(request,
+                                                          action)
+        if 'perms' not in ret:
+            ret['perms'] = 'read'
+        return ret
+
     def get_profile_fields(self):
         default_fields = ['id',
                           'first-name',
diff --git a/docs/providers.rst b/docs/providers.rst
index d73fcd9454..63e8972d39 100644
--- a/docs/providers.rst
+++ b/docs/providers.rst
@@ -143,6 +143,22 @@ The provider is OAuth2 based. More info:
 
 Note: This is not the same as the Mozilla Persona provider below.
 
+Flickr
+------
+
+App registration
+    https://www.flickr.com/services/apps/create/
+
+You can optionally specify the application permissions to use. If no `perms`
+value is set, the Flickr provider will use `read` by default.::
+
+    SOCIALACCOUNT_PROVIDERS = \
+        { 'flickr':
+            { 'AUTH_PARAMS': { 'perms': 'write' } }}
+
+More info:
+    https://www.flickr.com/services/api/auth.oauth.html#authorization
+
 GitHub
 ------