- {:ok, auth} <- Authorization.create_authorization(app, user) do
- # Special case: Local MastodonFE.
+ scopes <- oauth_scopes(auth_params, []),
+ {:unsupported_scopes, []} <- {:unsupported_scopes, scopes -- app.scopes},
+ # Note: `scope` param is intentionally not optional in this context
+ {:missing_scopes, false} <- {:missing_scopes, scopes == []},
+ {:auth_active, true} <- {:auth_active, User.auth_active?(user)},
+ {:ok, auth} <- Authorization.create_authorization(app, user, scopes) do