Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for connection_scope in params #99

Merged
merged 2 commits into from
Apr 1, 2020
Merged

Add support for connection_scope in params #99

merged 2 commits into from
Apr 1, 2020

Conversation

felixclack
Copy link
Contributor

@felixclack felixclack commented Apr 1, 2020
edited
Loading

Many identity providers recommend asking for permissions progressively
as per the requirements of your app, rather than all up-front.

Auth0 provides an option for requesting scopes for an identity provider
with the connection_scope parameter. Right now this can only be set
statically in the OmniAuth initializer.

This makes it hard to progressively request extra scopes.

A pattern for adding dynamic parameters to authorize_params already
exists and is used for connection and prompt.

We can extend this to add support for connection_scope too.

The values passed to connection_scope are often unique to the identity
provider and so will only be applied if they are supported by the
connection chosen by the user or the connection parameter.

Testing

  • This change adds unit test coverage
  • This change has been tested on the latest version of the platform/language or why not

Checklist

@felixclack
Add support for connection_scope in params
329415f 
Many identity providers recommend asking for permissions progressively
as per the requirements of your app, rather than all up-front.

Auth0 provides an option for requesting scopes for an identity provider
with the `connection_scope` parameter. Right now this can only be set
statically in the OmniAuth initializer.

This makes it hard to progressively request extra scopes.

A pattern for adding dynamic parameters to `authorize_params` already
exists and is used for `connection` and `prompt`.

We can extend this to add support for `connection_scope` too.

The values passed to `connection_scope` are often unique to the identity
provider and so will only be applied if they are supported by the
connection chosen by the user or the `connection` parameter.
@felixclack felixclack requested a review from a team April 1, 2020 03:28
@lbalmaceda lbalmaceda added this to the vNext milestone Apr 1, 2020
@lbalmaceda lbalmaceda merged commit ed9f4e4 into auth0:master Apr 1, 2020
@davidpatrick davidpatrick mentioned this pull request Sep 22, 2020
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lbalmaceda lbalmaceda lbalmaceda approved these changes

Assignees
No one assigned
Labels
CH: Added
Projects
None yet
Milestone
2.4.0
Development

Successfully merging this pull request may close these issues.
2 participants
@felixclack @lbalmaceda