OAuthServer - default "whoami" scope and refine scope-asking workflow
eee8d194eb48
Actions

Authored by Bob Trahan <btrahan@phacility.com> on Feb 7 2015, 00:32.

Description

OAuthServer - default "whoami" scope and refine scope-asking workflow

Summary: Ref T7153. The "whoami" scope should be default and always on, because otherwise we can't do anything at all. Also, if a client doesn't want a certain scope, don't bother asking the user for it. To get there, had to add "scope" to the definition of a client.

Test Plan: applied the patch to a phabricator "client" and a phabricator "server" as far as oauth shenanigans go. Then I tried to login / register with oauth. If the "client" was configured to ask for "always on" access I got that in the dialogue, and otherwise no additional scope questions were present. Verified scope was properly granted in either case.

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin, epriestley

Maniphest Tasks: T7153

Differential Revision: https://secure.phabricator.com/D11705

Details

Committed

Bob Trahan <btrahan@phacility.com>

Feb 7 2015, 00:32

Pushed

aubort

Jan 31 2017, 17:16

Parents

rPH28b23fd789dc: Use --hex-blob flag in bin/storage dump

Branches

Unknown

Tags

Unknown

Event Timeline

Bob Trahan <btrahan@phacility.com> committed rPHeee8d194eb48: OAuthServer - default "whoami" scope and refine scope-asking workflow (authored by Bob Trahan <btrahan@phacility.com>).Feb 7 2015, 00:32

Changes (2)

				Path
	M			src/applications/oauthserver/PhabricatorOAuthServerScope.php
	M			src/applications/oauthserver/controller/PhabricatorOAuthServerAuthController.php

rPHeee8d194eb48

View Options

src/applications/oauthserver/PhabricatorOAuthServerScope.php