Merge pull request omniauth#79 from davebrace/include-token-scope-in-extra

suprnova32 · web-flow · commit 6b497a8261c1 · 2020-02-05T10:47:26.000-06:00
Include the received access token's scope in the 'extra' hash
diff --git a/lib/omniauth/strategies/github.rb b/lib/omniauth/strategies/github.rb
@@ -39,7 +39,7 @@ def authorize_params
       end
 
       extra do
-        {:raw_info => raw_info, :all_emails => emails}
+        {:raw_info => raw_info, :all_emails => emails, :scope => scope }
       end
 
       def raw_info
@@ -51,6 +51,10 @@ def email
         (email_access_allowed?) ? primary_email : raw_info['email']
       end
 
+      def scope
+        access_token['scope']
+      end
+
       def primary_email
         primary = emails.find{ |i| i['primary'] && i['verified'] }
         primary && primary['email'] || nil
diff --git a/spec/omniauth/strategies/github_spec.rb b/spec/omniauth/strategies/github_spec.rb
@@ -1,7 +1,7 @@
 require 'spec_helper'
 
 describe OmniAuth::Strategies::GitHub do
-  let(:access_token) { instance_double('AccessToken', :options => {}) }
+  let(:access_token) { instance_double('AccessToken', :options => {}, :[] => 'user') }
   let(:parsed_response) { instance_double('ParsedResponse') }
   let(:response) { instance_double('Response', :parsed => parsed_response) }
 
@@ -166,6 +166,12 @@
     end
   end
 
+  context '#extra.scope' do
+    it 'returns the scope on the returned access_token' do
+      expect(subject.scope).to eq('user')
+    end
+  end
+
   describe '#callback_url' do
     it 'is a combination of host, script name, and callback path' do
       allow(subject).to receive(:full_host).and_return('https://example.com')
