Question

I have a Doorkeeper provider and I need to add some scopes that not all apps can use. I want to limit the scopes a token can ask for to the scopes that an application has access to.

So for example, application A is an app that has "access" to the xyz and abc scopes, but application B can only "access" the scope abc.

All access tokens from application B might require the abc scope but could not ask for scope xyz. Access tokens from application A might have any (or both) of those scopes.

Is there any way to prevent application B from requesting scope xyz? Or how would you implement this?

Thanks a lot!


Solution

No, there's not a particularly clean way of doing this right now within Doorkeeper.

It has been discussed in this issue, and there are two potential patches proposed here and here. Hopefully one of those makes it into the gem. If you need this feature urgently, people have also provided several monkey-patching solutions in the comments of those issues.
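The check the question asks for, as an added example in plain Ruby that is not part of the original answer and does not use Doorkeeper's API. The `APP_SCOPES` table, `ScopeDecision`, `parse_scope` and `authorize_scopes` are hypothetical names, and the default scope `abc` is an assumption. The authorization server would run this before issuing a token.

```ruby
require "set"

# Constructed sample data: per-application scope allowlists, using the
# application and scope names from the question.
APP_SCOPES = {
  "application_a" => Set["abc", "xyz"],
  "application_b" => Set["abc"],
}.freeze

# Hypothetical result type: granted scopes, or an OAuth error code plus
# the scopes that caused the rejection.
ScopeDecision = Struct.new(:granted, :error, :rejected) do
  def ok?
    error.nil?
  end
end

# RFC 6749 section 3.3: scope is a space-delimited list of case-sensitive
# strings; order does not matter and duplicates carry no meaning.
def parse_scope(param)
  param.to_s.split(" ").uniq
end

# Decide which scopes a client may receive. Rejects the whole request when
# any requested scope is outside the client's allowlist, rather than
# silently narrowing it, so a misconfigured client fails loudly.
def authorize_scopes(client_id, scope_param, default_scopes: ["abc"])
  allowed = APP_SCOPES[client_id]
  return ScopeDecision.new([], "invalid_client", []) if allowed.nil?

  requested = parse_scope(scope_param)
  # Omitted scope: fall back to the defaults, but never beyond the allowlist.
  requested = default_scopes.select { |s| allowed.include?(s) } if requested.empty?
  return ScopeDecision.new([], "invalid_scope", []) if requested.empty?

  rejected = requested.reject { |s| allowed.include?(s) }
  return ScopeDecision.new([], "invalid_scope", rejected) unless rejected.empty?

  ScopeDecision.new(requested, nil, [])
end
```

The check must run on every path that can mint or widen a token (authorization request, token request, refresh), otherwise a client can obtain the scope through whichever path skips it.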

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow