Guest create page: name field autofocus

[bookstack] / app / Auth / Access / Oidc / OidcOAuthProvider.php

diff --git a/app/Auth/Access/Oidc/OidcOAuthProvider.php b/app/Auth/Access/Oidc/OidcOAuthProvider.php
index 03230e373dfb1daefbeaf640aaa9cdfefa2382f5..d577d8947d68b24a75d39ef26e93756e4bfdef57 100644 (file)
--- a/app/Auth/Access/Oidc/OidcOAuthProvider.php
+++ b/app/Auth/Access/Oidc/OidcOAuthProvider.php
@@ -30,6 +30,10 @@ class OidcOAuthProvider extends AbstractProvider
      */
     protected $tokenEndpoint;
 
+    /**
+     * Scopes to use for the OIDC authorization call.
+     */
+    protected array $scopes = ['openid', 'profile', 'email'];
 
     /**
      * Returns the base URL for authorizing a client.
@@ -55,6 +59,15 @@ class OidcOAuthProvider extends AbstractProvider
         return '';
     }
 
+    /**
+     * Add an additional scope to this provider upon the default.
+     */
+    public function addScope(string $scope): void
+    {
+        $this->scopes[] = $scope;
+        $this->scopes = array_unique($this->scopes);
+    }
+
     /**
      * Returns the default scopes used by this provider.
      *
@@ -63,10 +76,9 @@ class OidcOAuthProvider extends AbstractProvider
      */
     protected function getDefaultScopes(): array
     {
-        return ['openid', 'profile', 'email'];
+        return $this->scopes;
     }
 
-
     /**
      * Returns the string that should be used to separate scopes when building
      * the URL for requesting an access token.
@@ -80,9 +92,11 @@ class OidcOAuthProvider extends AbstractProvider
      * Checks a provider response for errors.
      *
      * @param ResponseInterface $response
-     * @param array|string $data Parsed response data
-     * @return void
+     * @param array|string      $data     Parsed response data
+     *
      * @throws IdentityProviderException
+     *
+     * @return void
      */
     protected function checkResponse(ResponseInterface $response, $data)
     {
@@ -99,8 +113,9 @@ class OidcOAuthProvider extends AbstractProvider
      * Generates a resource owner object from a successful resource owner
      * details request.
      *
-     * @param array $response
+     * @param array       $response
      * @param AccessToken $token
+     *
      * @return ResourceOwnerInterface
      */
     protected function createResourceOwner(array $response, AccessToken $token)
@@ -114,14 +129,13 @@ class OidcOAuthProvider extends AbstractProvider
      * The grant that was used to fetch the response can be used to provide
      * additional context.
      *
-     * @param array $response
+     * @param array         $response
      * @param AbstractGrant $grant
+     *
      * @return OidcAccessToken
      */
     protected function createAccessToken(array $response, AbstractGrant $grant)
     {
         return new OidcAccessToken($response);
     }
-
-
-}
\ No newline at end of file
+}