lib/rack/oauth2/models/client.rb in rack-oauth2-server-1.4.6 vs lib/rack/oauth2/models/client.rb in rack-oauth2-server-2.0.0.beta

@@ -15,20 +15,22 @@
           # Create a new client. Client provides the following properties:
           # # :display_name -- Name to show (e.g. UberClient)
           # # :link -- Link to client Web site (e.g. http://uberclient.dot)
           # # :image_url -- URL of image to show alongside display name
           # # :redirect_uri -- Registered redirect URI.
+          # # :scopes -- List of scopes the client is allowed to request.
           # 
           # This method does not validate any of these fields, in fact, you're
           # not required to set them, use them, or use them as suggested. Using
           # them as suggested would result in better user experience.  Don't ask
           # how we learned that.
           def create(args)
             redirect_uri = Server::Utils.parse_redirect_uri(args[:redirect_uri]).to_s if args[:redirect_uri]
+            scopes = Server::Utils.normalize_scopes(args[:scopes])
             fields =  { :secret=>Server.secure_random, :display_name=>args[:display_name], :link=>args[:link],
-                        :image_url=>args[:image_url], :redirect_uri=>redirect_uri, :created_at=>Time.now.utc.to_i,
-                        :revoked=>nil }
+                        :image_url=>args[:image_url], :redirect_uri=>redirect_uri, :scopes=>scopes,
+                        :created_at=>Time.now.utc.to_i, :revoked=>nil }
             fields[:_id] = collection.insert(fields)
             Server.new_instance self, fields
           end
 
           # Lookup client by ID, display name or URL.
@@ -71,10 +73,12 @@
         # Preferred image URL for this icon.
         attr_reader :image_url
         # Redirect URL. Supplied by the client if they want to restrict redirect
         # URLs (better security).
         attr_reader :redirect_uri
+        # List of scopes the client is allowed to request.
+        attr_reader :scopes
         # Does what it says on the label.
         attr_reader :created_at
         # Timestamp if revoked.
         attr_accessor :revoked
 
@@ -89,9 +93,10 @@
         end
 
         def update(args)
           fields = [:display_name, :link, :image_url].inject({}) { |h,k| v = args[k]; h[k] = v if v; h }
           fields[:redirect_uri] = Server::Utils.parse_redirect_uri(args[:redirect_uri]).to_s if args[:redirect_uri]
+          fields[:scopes] = Server::Utils.normalize_scopes(args[:scopes])
           self.class.collection.update({ :_id=>id }, { :$set=>fields })
         end
 
         Server.create_indexes do
           # For quickly returning clients sorted by display name, or finding