Backport of #278 for 1.6.1

This is a backport of #278 with the default value of `scope` changed to
`undefined`. This is thus a fully backward-compatible change.

Signed-off-by: Victor Berger <victor.berger@m4x.org>

4 files changed, 8 insertions, 4 deletions

diff --git a/lib/config/default.js b/lib/config/default.js
index 7504fda2..9b852d1e 100644
--- a/lib/config/default.js
+++ b/lib/config/default.js
@@ -91,7 +91,8 @@ module.exports = {
     authorizationURL: undefined,
     tokenURL: undefined,
     clientID: undefined,
-    clientSecret: undefined
+    clientSecret: undefined,
+    scope: undefined
   },
   facebook: {
     clientID: undefined,
diff --git a/lib/config/environment.js b/lib/config/environment.js
index 219be499..87a7e3ee 100644
--- a/lib/config/environment.js
+++ b/lib/config/environment.js
@@ -92,7 +92,8 @@ module.exports = {
     tokenURL: process.env.CMD_OAUTH2_TOKEN_URL,
     authorizationURL: process.env.CMD_OAUTH2_AUTHORIZATION_URL,
     clientID: process.env.CMD_OAUTH2_CLIENT_ID,
-    clientSecret: process.env.CMD_OAUTH2_CLIENT_SECRET
+    clientSecret: process.env.CMD_OAUTH2_CLIENT_SECRET,
+    scope: process.env.CMD_OAUTH2_SCOPE
   },
   dropbox: {
     clientID: process.env.CMD_DROPBOX_CLIENTID,
diff --git a/lib/config/hackmdEnvironment.js b/lib/config/hackmdEnvironment.js
index dcfda0bc..d4ae77f0 100644
--- a/lib/config/hackmdEnvironment.js
+++ b/lib/config/hackmdEnvironment.js
@@ -81,7 +81,8 @@ module.exports = {
     tokenURL: process.env.HMD_OAUTH2_TOKEN_URL,
     authorizationURL: process.env.HMD_OAUTH2_AUTHORIZATION_URL,
     clientID: process.env.HMD_OAUTH2_CLIENT_ID,
-    clientSecret: process.env.HMD_OAUTH2_CLIENT_SECRET
+    clientSecret: process.env.HMD_OAUTH2_CLIENT_SECRET,
+    scope: process.env.HMD_OAUTH2_SCOPE
   },
   dropbox: {
     clientID: process.env.HMD_DROPBOX_CLIENTID,
diff --git a/lib/web/auth/oauth2/index.js b/lib/web/auth/oauth2/index.js
index 2bd73196..1865ad54 100644
--- a/lib/web/auth/oauth2/index.js
+++ b/lib/web/auth/oauth2/index.js
@@ -89,7 +89,8 @@ passport.use(new OAuth2CustomStrategy({
   clientID: config.oauth2.clientID,
   clientSecret: config.oauth2.clientSecret,
   callbackURL: config.serverURL + '/auth/oauth2/callback',
-  userProfileURL: config.oauth2.userProfileURL
+  userProfileURL: config.oauth2.userProfileURL,
+  scope: config.oauth2.scope
 }, passportGeneralCallback))
 
 oauth2Auth.get('/auth/oauth2', function (req, res, next) {