Send scopes in /oauth/token request

Closes #360
2023-04-03 22:43:01 -04:00 · 2023-04-03 22:43:01 -04:00 · f50c219f95
parent 5471d810c8
commit f50c219f95
2 changed files with 7 additions and 4 deletions
--- a/Packages/Pachyderm/Sources/Pachyderm/Client.swift
+++ b/Packages/Pachyderm/Sources/Pachyderm/Client.swift
@ -139,13 +139,14 @@ public class Client {
        }
    }
    
-    public func getAccessToken(authorizationCode: String, redirectURI: String, completion: @escaping Callback<LoginSettings>) {
+    public func getAccessToken(authorizationCode: String, redirectURI: String, scopes: [Scope], completion: @escaping Callback<LoginSettings>) {
        let request = Request<LoginSettings>(method: .post, path: "/oauth/token", body: ParametersBody([
                "client_id" => clientID,
                "client_secret" => clientSecret,
                "grant_type" => "authorization_code",
                "code" => authorizationCode,
-                "redirect_uri" => redirectURI
+                "redirect_uri" => redirectURI,
+                "scope" => scopes.scopeString,
            ]))
        run(request) { result in
            defer { completion(result) }
--- a/Tusker/API/MastodonController.swift
+++ b/Tusker/API/MastodonController.swift
@ -10,6 +10,8 @@ import Foundation
 import Pachyderm
 import Combine

+private let oauthScopes = [Scope.read, .write, .follow]
+
 class MastodonController: ObservableObject {

    static private(set) var all = [LocalData.UserAccountInfo: MastodonController]()
@ -128,7 +130,7 @@ class MastodonController: ObservableObject {
            return (clientID, clientSecret)
        } else {
            let app: RegisteredApplication = try await withCheckedThrowingContinuation({ continuation in
-                client.registerApp(name: "Tusker", redirectURI: "tusker://oauth", scopes: [.read, .write, .follow]) { response in
+                client.registerApp(name: "Tusker", redirectURI: "tusker://oauth", scopes: oauthScopes) { response in
                    switch response {
                    case .failure(let error):
                        continuation.resume(throwing: error)
@ -146,7 +148,7 @@ class MastodonController: ObservableObject {
    /// - Returns: The access token
    func authorize(authorizationCode: String) async throws -> String {
        return try await withCheckedThrowingContinuation({ continuation in
-            client.getAccessToken(authorizationCode: authorizationCode, redirectURI: "tusker://oauth") { response in
+            client.getAccessToken(authorizationCode: authorizationCode, redirectURI: "tusker://oauth", scopes: oauthScopes) { response in
                switch response {
                case .failure(let error):
                    continuation.resume(throwing: error)