From e9b62693deec634056de3cd4b8555d23d3bc4691 Mon Sep 17 00:00:00 2001
From: Ivan Tashkinov <ivantbusiness@gmail.com>
Date: Wed, 11 Dec 2019 09:08:32 +0000
Subject: [PATCH] Added 'admin' & 'push' OAuth scopes. Disabled PleromaFE login
 feature since PleromaFE shouldn't request admin scope.

---
 CHANGELOG.md               | 1 +
 src/api/__mocks__/login.js | 2 +-
 src/api/login.js           | 2 +-
 src/views/login/index.vue  | 1 +
 4 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index be8ddcde..7fb39e8d 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -8,6 +8,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 
 ### Changed
 
+- **breaking** PleromaFE login feature relies on `admin` scope presence in PleromaFE token (older versions of PleromaFE don't support it)
 - Moves emoji pack configuration from the main menu to settings tab, redesigns it and fixes bugs
 - `mailerEnabled` must be set to `true` in order to require password reset (password reset currently only works via email)
 - Remove fetching initial data for configuring server settings
diff --git a/src/api/__mocks__/login.js b/src/api/__mocks__/login.js
index 4ce54a8f..a980f88b 100644
--- a/src/api/__mocks__/login.js
+++ b/src/api/__mocks__/login.js
@@ -8,7 +8,7 @@ export async function loginByUsername(username, password, authHost) {
   const verifyHost = user.authHost === authHost
   const data = {
     'token_type': 'Bearer',
-    'scope': 'read write follow',
+    'scope': 'read write follow push admin',
     'refresh_token': 'foo123',
     'me': 'bob',
     'expires_in': 600,
diff --git a/src/api/login.js b/src/api/login.js
index d5ef3b38..28421f29 100644
--- a/src/api/login.js
+++ b/src/api/login.js
@@ -9,7 +9,7 @@ export async function loginByUsername(username, password, authHost) {
     data: {
       client_name: `AdminFE_${Math.random()}`,
       redirect_uris: `${window.location.origin}/oauth-callback`,
-      scopes: 'read write follow'
+      scopes: 'read write follow push admin'
     }
   })
 
diff --git a/src/views/login/index.vue b/src/views/login/index.vue
index 3c0e996f..fbcfbe7c 100644
--- a/src/views/login/index.vue
+++ b/src/views/login/index.vue
@@ -41,6 +41,7 @@
       <el-button :loading="loading" class="login-button" type="primary" @click.native.prevent="handleLogin">
         {{ $t('login.logIn') }}
       </el-button>
+      <!-- Note: PleromaFE login feature relies on admin scope presence in PleromaFE token (older versions of PleromaFE don't support it) -->
       <el-button v-if="pleromaFEToken" :loading="loadingPleromaFE" class="login-button" type="primary" @click.native.prevent="handlePleromaFELogin">
         {{ $t('login.logInViaPleromaFE') }}
       </el-button>
-- 
GitLab