X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;f=lib%2Fpleroma%2Fweb%2Foauth%2Fauthorization.ex;h=d37c2cb83b5c70fe67866e97290627f0352b6156;hb=bc4f77b10bb4360ac00d1999b1d08fa55e1fa547;hp=ea742f6786deab65311585f8ad7b6a07d033c799;hpb=6a6a5b3251f7137e30b687a9a8448e678446f8b0;p=akkoma

diff --git a/lib/pleroma/web/oauth/authorization.ex b/lib/pleroma/web/oauth/authorization.ex
index ea742f678..d37c2cb83 100644
--- a/lib/pleroma/web/oauth/authorization.ex
+++ b/lib/pleroma/web/oauth/authorization.ex
@@ -10,10 +10,12 @@ defmodule Pleroma.Web.OAuth.Authorization do
   alias Pleroma.Web.OAuth.Authorization
   alias Pleroma.Web.OAuth.App
 
-  import Ecto.{Changeset, Query}
+  import Ecto.Changeset
+  import Ecto.Query
 
   schema "oauth_authorizations" do
     field(:token, :string)
+    field(:scopes, {:array, :string}, default: [])
     field(:valid_until, :naive_datetime)
     field(:used, :boolean, default: false)
     belongs_to(:user, Pleroma.User, type: Pleroma.FlakeId)
@@ -22,14 +24,16 @@ defmodule Pleroma.Web.OAuth.Authorization do
     timestamps()
   end
 
-  def create_authorization(%App{} = app, %User{} = user) do
-    token = :crypto.strong_rand_bytes(32) |> Base.url_encode64()
+  def create_authorization(%App{} = app, %User{} = user, scopes \\ nil) do
+    scopes = scopes || app.scopes
+    token = :crypto.strong_rand_bytes(32) |> Base.url_encode64(padding: false)
 
     authorization = %Authorization{
       token: token,
       used: false,
       user_id: user.id,
       app_id: app.id,
+      scopes: scopes,
       valid_until: NaiveDateTime.add(NaiveDateTime.utc_now(), 60 * 10)
     }