Change scopes for ext. auth, use "user:email" for github

2019-09-30 14:44:45 +02:00 · 2019-09-30 14:44:45 +02:00 · fee5c2be8f
commit fee5c2be8f
parent d34d8bf9f3
1 changed files with 6 additions and 7 deletions
--- a/system/auth/external/goth.go
+++ b/system/auth/external/goth.go
@ -49,8 +49,7 @@ func setupGoth(as *service.AuthSettings) {

 func setupGothProviders(as *service.AuthSettings) {
 	var (
-		err    error
-		scopes = []string{"email"}
+		err error
 	)

 	// Purge all previously configured providers
@ -85,7 +84,7 @@ func setupGothProviders(as *service.AuthSettings) {

 			wellKnown := strings.TrimSuffix(pc.IssuerUrl, "/") + WellKnown

-			if provider, err = openidConnect.New(pc.Key, pc.Secret, pc.RedirectUrl, wellKnown, scopes...); err != nil {
+			if provider, err = openidConnect.New(pc.Key, pc.Secret, pc.RedirectUrl, wellKnown, "email"); err != nil {
 				log.Error("failed to discover OIDC provider", zap.Error(err), zap.String("well-known", wellKnown))
 				continue
 			} else {
@ -94,13 +93,13 @@ func setupGothProviders(as *service.AuthSettings) {
 		} else {
 			switch name {
 			case "github":
-				provider = github.New(pc.Key, pc.Secret, pc.RedirectUrl, scopes...)
+				provider = github.New(pc.Key, pc.Secret, pc.RedirectUrl, "user:email")
 			case "facebook":
-				provider = facebook.New(pc.Key, pc.Secret, pc.RedirectUrl, scopes...)
+				provider = facebook.New(pc.Key, pc.Secret, pc.RedirectUrl, "email")
 			case "google":
-				provider = google.New(pc.Key, pc.Secret, pc.RedirectUrl, scopes...)
+				provider = google.New(pc.Key, pc.Secret, pc.RedirectUrl, "email")
 			case "linkedin":
-				provider = linkedin.New(pc.Key, pc.Secret, pc.RedirectUrl, scopes...)
+				provider = linkedin.New(pc.Key, pc.Secret, pc.RedirectUrl, "email")
 			}
 		}