(The following text was extracted from the docs at http://psa.matiasaguirre.net/docs/use_cases.html#multiple-scopes-per-provider)
At the moment python-social-auth doesn't provide a method to define multiple scopes for a single backend. This is usually desired, since it's recommended to ask the user for the minimum scope possible and increase the access only when it's really needed. It's possible to add a new backend extending the original one to accomplish that behavior; there are two ways to do it.
Overriding get_scope() method
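from social.backends.facebook import FacebookOAuth2


class CustomFacebookOAuth2(FacebookOAuth2):
    def get_scope(self):
        scope = super(CustomFacebookOAuth2, self).get_scope()
        # 'extrascope' comes from the request's GET or POST data
        if self.data.get('extrascope'):
            # 'foo' and 'bar' are placeholder scope names; build a new
            # list instead of extending the returned one in place
            scope = scope + ['foo', 'bar']
        return scope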
This method is quite simple: it overrides the method that returns the scope value in a backend (get_scope()) and adds extra values to the list if it was indicated by a parameter in the GET or POST data (self.data).
Put this new backend in some place in your project and replace the original FacebookOAuth2 in AUTHENTICATION_BACKENDS with this new version.
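Because self.data is filled from the request, the override above can be tightened so the request only selects from scope bundles defined in code. The following is an added example, not part of the python-social-auth docs or code base: StubBackend is a stand-in for FacebookOAuth2 so the block runs without the library, and the mixin name, the bundle keys and the sample scope names are assumptions.

```python
# Added example, not python-social-auth code. StubBackend stands in for
# social.backends.facebook.FacebookOAuth2 so this runs without the library.


class StubBackend(object):
    """Minimal stand-in exposing what the override relies on."""
    DEFAULT_SCOPE = ['email']  # constructed baseline scope

    def __init__(self, data):
        self.data = data  # request GET/POST data, user-controlled

    def get_scope(self):
        return list(self.DEFAULT_SCOPE)


class AllowListedScopeMixin(object):
    # Hypothetical bundles: request value -> provider scopes (sample names).
    EXTRA_SCOPES = {
        'friends': ['user_friends'],
        'photos': ['user_photos'],
    }

    def get_scope(self):
        # Copy so a list shared with settings is never extended in place.
        scope = list(super(AllowListedScopeMixin, self).get_scope())
        requested = self.data.get('extrascope', '')
        for key in requested.split(','):
            # Unknown keys are ignored: the request picks a bundle, it
            # never supplies raw scope strings.
            for item in self.EXTRA_SCOPES.get(key.strip(), []):
                if item not in scope:
                    scope.append(item)
        return scope


class CustomBackend(AllowListedScopeMixin, StubBackend):
    """In a project, the second base would be FacebookOAuth2."""


def scope_for(data):
    """Return the scope list the backend would request for this data."""
    return CustomBackend(data).get_scope()
```
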
Defining a backend to handle the scope
It's possible to do the same by defining a second backend which extends from the original but overrides the name. This will imply new URLs and also new settings for the new backend (since the name is used to build the settings names). It also implies a new application in the provider, since not all providers give you the option of defining multiple redirect URLs. To do it, just add a backend like:
from social.backends.facebook import FacebookOAuth2


class CustomFacebookOAuth2(FacebookOAuth2):
    # The name is used to build the URLs and the settings names
    name = 'facebook-custom'
Put this new backend in some place in your project keeping the original FacebookOAuth2 in AUTHENTICATION_BACKENDS. Now a new set of URLs will be functional:
/login/facebook-custom
/complete/facebook-custom
/disconnect/facebook-custom
And also a new set of settings:
SOCIAL_AUTH_FACEBOOK_CUSTOM_KEY = '...'
SOCIAL_AUTH_FACEBOOK_CUSTOM_SECRET = '...'
SOCIAL_AUTH_FACEBOOK_CUSTOM_SCOPE = [...]
When the extra permissions are needed, just redirect the user to /login/facebook-custom and then get the social auth entry for this new backend with user.social_auth.get(provider='facebook-custom') and use the access_token in it.