https://trello.com/c/5vWCb7UG - add notifications scope for github cr2pr

cstryker · cstryker · commit 7c929983b207 · 2020-08-11T16:06:22.000-07:00
diff --git a/api_server/lib/oauth/oauth_module.js b/api_server/lib/oauth/oauth_module.js
@@ -462,8 +462,10 @@ class OAuthModule extends APIServerModule {
 				hasIssues: hasIssues,
 				hasSharing: hasSharing
 			};
-			if (forEnterprise && scopes) {
-				info.scopes = scopes.split(',');
+			if (scopes) {
+				const scopes_comma = scopes.split(',');
+				const scopes_space = scopes.split(' ');
+				info.scopes = scopes_comma.length > scopes_space.length ? scopes_comma : scopes_space;
 			}
 			return info;
 		}
diff --git a/api_server/modules/github_auth/github_auth.js b/api_server/modules/github_auth/github_auth.js
@@ -12,7 +12,7 @@ const OAUTH_CONFIG = {
 	authPath: 'login/oauth/authorize',
 	tokenPath: 'login/oauth/access_token',
 	exchangeFormat: 'query',
-	scopes: 'repo,read:user,user:email',
+	scopes: 'repo,read:user,user:email,notifications',
 	noGrantType: true,
 	hasIssues: true,
 	supportsSignup: true
diff --git a/api_server/modules/providers/provider_test_constants.js b/api_server/modules/providers/provider_test_constants.js
@@ -17,7 +17,8 @@ const STANDARD_PROVIDER_HOSTS = {
 		isEnterprise: false,
 		host: 'bitbucket.org',
 		apiHost: 'api.bitbucket.org/2.0',
-		hasIssues: true
+		hasIssues: true,
+		scopes: ['account', 'team', 'repository', 'issue:write', 'pullrequest:write']
 	},
 	'bitbucket/server': {
 		id: 'bitbucket/server',
@@ -26,15 +27,16 @@ const STANDARD_PROVIDER_HOSTS = {
 		forEnterprise: true,
 		host: 'bitbucket/server',
 		apiHost: 'api.bitbucket.org/2.0',
-		scopes: ['projects:read repositories:write']
+		scopes: ['projects:read', 'repositories:write']
 	},
 	'github*com': {
 		id: 'github*com',
 		name: 'github',
 		isEnterprise: false,
 		host: 'github.com',
 		apiHost: 'api.github.com',
-		hasIssues: true
+		hasIssues: true,
+		scopes: ['repo', 'read:user', 'user:email', 'notifications']
 	},
 	'github/enterprise': {
 		id: 'github/enterprise',
@@ -51,7 +53,8 @@ const STANDARD_PROVIDER_HOSTS = {
 		isEnterprise: false,
 		host: 'gitlab.com',
 		apiHost: 'gitlab.com/api/v4',
-		hasIssues: true 
+		hasIssues: true,
+
 	},
 	'gitlab/enterprise': {
 		id: 'gitlab/enterprise',
@@ -69,7 +72,8 @@ const STANDARD_PROVIDER_HOSTS = {
 		isEnterprise: false,
 		host: 'auth.atlassian.com',
 		apiHost: 'api.atlassian.com',
-		hasIssues: true
+		hasIssues: true,
+		scopes: ['read:jira-user', 'read:jira-work', 'write:jira-work', 'offline_access']
 	},
 	'jiraserver/enterprise': {
 		id: 'jiraserver/enterprise',
@@ -86,15 +90,17 @@ const STANDARD_PROVIDER_HOSTS = {
 		isEnterprise: false,
 		host: 'trello.com',
 		apiHost: 'api.trello.com/1',
-		hasIssues: true
+		hasIssues: true,
+		scopes: ['read', 'write']
 	},
 	'youtrack*com': {
 		id: 'youtrack*com',
 		name: 'youtrack',
 		isEnterprise: false,
 		needsConfigure: true,
 		host: 'youtrack.com',
-		hasIssues: true
+		hasIssues: true,
+		scopes: ['YouTrack']
 	},
 	'app*vssps*visualstudio*com': {
 		id: 'app*vssps*visualstudio*com',
@@ -103,23 +109,39 @@ const STANDARD_PROVIDER_HOSTS = {
 		needsConfigure: true,
 		host: 'app.vssps.visualstudio.com',
 		apiHost: 'dev.azure.com',
-		hasIssues: true
+		hasIssues: true,
+		scopes: ['vso.identity', 'vso.work_write']
 	},
 	'slack*com': {
 		id: 'slack*com',
 		name: 'slack',
 		isEnterprise: false,
 		host: 'slack.com',
 		apiHost: 'slack.com/api',
-		hasSharing: true
+		hasSharing: true,
+		scopes: [
+			'channels:read',
+			'chat:write:user',
+			'groups:read',
+			'im:read',
+			'users.profile:write',
+			'users:read',
+			'users:read.email',
+			'mpim:read'
+		]
 	},
 	'login*microsoftonline*com': {
 		id: 'login*microsoftonline*com',
 		name: 'msteams',
 		isEnterprise: false,
 		host: 'login.microsoftonline.com',
 		apiHost: 'graph.microsoft.com/v1.0',
-		hasSharing: true
+		hasSharing: true,
+		scopes: [
+			'User.Read.All',
+			'Group.ReadWrite.All',
+			'offline_access'
+		]
 	}
 	/*
 	'okta*com': {
diff --git a/api_server/modules/providers/test/provider_auth/provider_auth_test.js b/api_server/modules/providers/test/provider_auth/provider_auth_test.js
@@ -170,7 +170,7 @@ class ProviderAuthTest extends CodeStreamAPITest {
 			redirect_uri: this.redirectUri,
 			response_type: 'code',
 			state: this.state,
-			scope: 'repo,read:user,user:email'
+			scope: 'repo,read:user,user:email,notifications'
 		};
 		const host = this.testHost || 'https://github.com';
 		const url = `${host}/login/oauth/authorize`;
diff --git a/api_server/modules/slack_auth/slack_auth.js b/api_server/modules/slack_auth/slack_auth.js
@@ -6,37 +6,6 @@ const Fetch = require('node-fetch');
 const OAuthModule = require(process.env.CSSVC_BACKEND_ROOT + '/api_server/lib/oauth/oauth_module.js');
 const SlackAuthorizer = require('./slack_authorizer');
 
-const OAUTH_CONFIG = {
-	provider: 'slack',
-	host: 'slack.com',
-	apiHost: 'slack.com/api',
-	authPath: 'oauth/authorize',
-	tokenPath: 'api/oauth.access',
-	exchangeFormat: 'form',
-	scopes: 'identify client',
-	hasSharing: true
-};
-
-const STRICT_SCOPES = [
-	'channels:history',
-	'channels:read',
-	'channels:write',
-	'chat:write:user',
-	'groups:history',
-	'groups:read',
-	'groups:write',
-	'im:history',
-	'im:read',
-	'im:write',
-	'users:read',
-	'users:read.email',
-	'users.profile:read',
-	'reactions:write',
-	'mpim:history',
-	'mpim:read',
-	'mpim:write'
-];
-
 const SHARING_SCOPES = [
 	'channels:read',
 	'chat:write:user',
@@ -48,6 +17,18 @@ const SHARING_SCOPES = [
 	'mpim:read'
 ];
 
+const OAUTH_CONFIG = {
+	provider: 'slack',
+	host: 'slack.com',
+	apiHost: 'slack.com/api',
+	authPath: 'oauth/authorize',
+	tokenPath: 'api/oauth.access',
+	exchangeFormat: 'form',
+	scopes: SHARING_SCOPES.join(' '),
+	hasSharing: true
+};
+
+
 class SlackAuth extends OAuthModule {
 	constructor (config) {
 		super(config);
@@ -61,32 +42,6 @@ class SlackAuth extends OAuthModule {
 		}).exchangeAndAuthorize();
 	}
 
-	// overrides OAuthModule.getRedirectData to allow for "slack-lite", slack without the
-	// scary "client" scope
-	getRedirectData (options) {
-		const data = super.getRedirectData(options);
-		if (options.access === 'strict') {
-			data.parameters.scope = STRICT_SCOPES.join(' ');
-		} else if (options.sharing) {
-			data.parameters.scope = SHARING_SCOPES.join(' ');
-		}
-		return data;
-	}
-
-	// overrides OAuthModule.getClientInfo to allow for "slack-lite", slack without the
-	// scary "client" scope ... in this case, we use different client ID and secret
-	getClientInfo (options) {
-		const info = super.getClientInfo(options);
-		if (options.access === 'strict') {
-			info.clientId = this.apiConfig.appStrictClientId;
-			info.clientSecret = this.apiConfig.appStrictClientSecret;
-		} else if (options.sharing) {
-			info.clientId = this.apiConfig.appSharingClientId;
-			info.clientSecret = this.apiConfig.appSharingClientSecret;
-		}
-		return info;
-	}
-
 	validateChannelName (name) {
 		if (name.match(/[^a-z0-9-_[\]{}\\/]/)) {
 			return 'illegal characters in channel name';

Original file line number	Diff line number	Diff line change
`@@ -462,8 +462,10 @@ class OAuthModule extends APIServerModule {`
`462`	`462`	`hasIssues: hasIssues,`
`463`	`463`	`hasSharing: hasSharing`
`464`	`464`	`};`
`465`		`- if (forEnterprise && scopes) {`
`466`		`- info.scopes = scopes.split(',');`
	`465`	`+ if (scopes) {`
	`466`	`+ const scopes_comma = scopes.split(',');`
	`467`	`+ const scopes_space = scopes.split(' ');`
	`468`	`+ info.scopes = scopes_comma.length > scopes_space.length ? scopes_comma : scopes_space;`
`467`	`469`	`}`
`468`	`470`	`return info;`
`469`	`471`	`}`