feat(oidc_client): add custom_scopes option to request_device_authorization

kilimnik · kilimnik · commit 04a45f029bcb · 2025-01-19T17:49:43.000+01:00
diff --git a/crates/matrix-sdk/src/authentication/common_oidc/oidc_client.rs b/crates/matrix-sdk/src/authentication/common_oidc/oidc_client.rs
@@ -124,15 +124,16 @@ impl OidcClient {
     pub(crate) async fn request_device_authorization(
         &self,
         device_id: Curve25519PublicKey,
+        custom_scopes: Option<Vec<ScopeToken>>,
     ) -> Result<CoreDeviceAuthorizationResponse, DeviceAuhorizationOidcError> {
-        let scopes = [
+        let scopes = custom_scopes.unwrap_or(vec![
             ScopeToken::Openid,
             ScopeToken::MatrixApi(MatrixApiScopeToken::Full),
             ScopeToken::try_with_matrix_device(device_id.to_base64()).expect(
                 "We should be able to create a scope token from a \
                  Curve25519 public key encoded as base64",
             ),
-        ]
+        ])
         .into_iter()
         .map(|scope| Scope::new(scope.to_string()));
 
diff --git a/crates/matrix-sdk/src/authentication/qrcode/login.rs b/crates/matrix-sdk/src/authentication/qrcode/login.rs
@@ -128,7 +128,8 @@ impl<'a> IntoFuture for LoginWithQrCode<'a> {
             // Let's tell the OIDC provider that we want to log in using the device
             // authorization grant described in [RFC8628](https://datatracker.ietf.org/doc/html/rfc8628).
             trace!("Requesting device authorization.");
-            let auth_grant_response = oidc_client.request_device_authorization(device_id).await?;
+            let auth_grant_response =
+                oidc_client.request_device_authorization(device_id, None).await?;
 
             // Now we need to inform the other device of the login protocols we picked and
             // the URL they should use to log us in.
