Add offline_access scope

2025-05-11 12:11:12 +00:00 · 2025-04-10 21:57:25 +02:00 · 2025-04-10 21:57:25 +02:00 · 1af6ae19b9
commit 1af6ae19b9
parent 7898619d74
4 changed files with 16 additions and 4 deletions
--- a/app/lib/scope_transformer.rb
+++ b/app/lib/scope_transformer.rb
@ -14,6 +14,8 @@ class ScopeTransformer < Parslet::Transform

      # # override for profile scope which is read only
      @access = %w(read) if @term == 'profile'
+      # Override offline_access since it doesn't imply read or write access:
+      @access = %w(offline) if @term == 'offline_access'
    end

    def key
--- a/config/initializers/doorkeeper.rb
+++ b/config/initializers/doorkeeper.rb
@ -35,10 +35,10 @@ Doorkeeper.configure do
  # context.client for client (Doorkeeper::Application)
  # context.scopes for scopes
  custom_access_token_expires_in do |context|
-    # If the client is confidential (all clients pre 4.3), then we don't want to
-    # expire access tokens. Applications created by users are also considered
-    # confidential.
-    if context.client.confidential?
+    # If the client is confidential (all clients pre 4.3) and it hasn't
+    # requested offline_access, then we don't want to expire access tokens.
+    # Applications created by users are also considered confidential.
+    if context.client.confidential? && !context.scopes.exists?('offline_access')
      nil
    else
      15.minutes.to_i
@ -80,6 +80,7 @@ Doorkeeper.configure do
  # https://github.com/doorkeeper-gem/doorkeeper/wiki/Using-Scopes
  default_scopes  :read
  optional_scopes :profile,
+                  :offline_access,
                  :write,
                  :'write:accounts',
                  :'write:blocks',
--- a/config/locales/doorkeeper.en.yml
+++ b/config/locales/doorkeeper.en.yml
@ -89,6 +89,7 @@ en:
        invalid_request:
          missing_param: 'Missing required parameter: %{value}.'
          request_not_authorized: Request need to be authorized. Required parameter for authorizing request is missing or invalid.
+          offline_access_only: The offline_access scope can only be used with other scopes.
          unknown: The request is missing a required parameter, includes an unsupported parameter value, or is otherwise malformed.
        invalid_resource_owner: The provided resource owner credentials are not valid, or resource owner cannot be found
        invalid_scope: The requested scope is invalid, unknown, or malformed.
@ -118,6 +119,7 @@ en:
        read: Read-only access
        read/write: Read and write access
        write: Write-only access
+        offline: Access for an extended period of time
      title:
        accounts: Accounts
        admin/accounts: Administration of accounts
@ -138,6 +140,7 @@ en:
        notifications: Notifications
        profile: Your Mastodon profile
        push: Push notifications
+        offline_access: Offline access
        reports: Reports
        search: Search
        statuses: Posts
--- a/spec/lib/scope_transformer_spec.rb
+++ b/spec/lib/scope_transformer_spec.rb
@ -23,6 +23,12 @@ RSpec.describe ScopeTransformer do
      it_behaves_like 'a scope', nil, 'profile', 'read'
    end

+    context 'with scope "offline_access"' do
+      let(:input) { 'offline_access' }
+
+      it_behaves_like 'a scope', nil, 'offline_access', 'offline'
+    end
+
    context 'with scope "read"' do
      let(:input) { 'read' }