From 15bed505386224d42b144da8d3cf56b418a29610 Mon Sep 17 00:00:00 2001
From: metamuffin <metamuffin@disroot.org>
Date: Sat, 24 Aug 2024 00:56:36 +0200
Subject: customize scope

---
 src/modules/auth/openid.rs | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/modules/auth/openid.rs b/src/modules/auth/openid.rs
index a8d9d6e..7253ba8 100644
--- a/src/modules/auth/openid.rs
+++ b/src/modules/auth/openid.rs
@@ -42,6 +42,7 @@ pub struct OpenIDAuth {
     client_id: String,
     authorize_endpoint: String,
     token_endpoint: String,
+    scope: String,
     next: DynNode,
 }
 
@@ -153,13 +154,14 @@ id_token={id_token:?}"#
                 let redirect_uri = redirect_uri(&request)?.to_string();
 
                 let uri = format!(
-                    "{}?client_id={}&redirect_uri={}&state={}_{}&code_challenge={}&code_challenge_method=S256&response_type=code&scope=openid magic",
+                    "{}?client_id={}&redirect_uri={}&state={}_{}&code_challenge={}&code_challenge_method=S256&response_type=code&scope=openid {}",
                     self.authorize_endpoint,
                     utf8_percent_encode(&self.client_id, NON_ALPHANUMERIC),
                     utf8_percent_encode(&redirect_uri, NON_ALPHANUMERIC),
                     hex::encode(verif_cipher),
                     utf8_percent_encode(&request.uri().to_string(), NON_ALPHANUMERIC),
                     base64::engine::general_purpose::URL_SAFE.encode(chal).trim_end_matches("="),
+                    utf8_percent_encode(&self.scope, NON_ALPHANUMERIC),
                 );
                 info!("redirect {uri:?}");
                 let mut resp =
-- 
cgit v1.2.3-70-g09d2