fix+feat: use verify oauth client helper in token as well

2025-06-09 15:55:36 +02:00
parent 299e7eddc4
commit dc41521a99
4 changed files with 48 additions and 29 deletions
--- a/internal/oauth/authorize.go
+++ b/internal/oauth/authorize.go
@ -3,6 +3,7 @@ package oauth
 import (
 	"fmt"
 	"net/http"
+	"strings"

 	"gitea.local/admin/hspguard/internal/web"
 )
@ -27,10 +28,13 @@ func (h *OAuthHandler) AuthorizeClient(w http.ResponseWriter, r *http.Request) {
 		return
 	}

-	if uri, err := h.verifyOAuthClient(w, r, &VerifyOAuthClientParams{
+	scopes := strings.Split(strings.TrimSpace(r.URL.Query().Get("scope")), " ")
+
+	if uri, err := h.verifyOAuthClient(r.Context(), &VerifyOAuthClientParams{
 		ClientID:    clientId,
-		RedirectURI: redirectUri,
+		RedirectURI: &redirectUri,
 		State:       state,
+		Scopes:      &scopes,
 	}); err != nil {
 		http.Redirect(w, r, uri, http.StatusFound)
 		return