Ability to increase scopes without copy pasting a lot of code

[mustafaakin]

Since the current scopes are limited to name, id and avatar, adding an email scope requires copying & pasting a lot of code for each provider, but of course I can be wrong.

auth.go:

p := provider.Params{
	URL:         s.opts.URL,
	JwtService:  s.jwtService,
	Issuer:      s.issuer,
	AvatarSaver: s.avatarProxy,
	Cid:         cid,
	Csecret:     csecret,
	L:           s.logger,
}

    ...
case "google":
	s.providers = append(s.providers, provider.NewService(provider.NewGoogle(p)))

Using this feels a lot verbose, is this a good idea to allow scopes as a parameter?

[umputun]

Allowing user-defined scores in Params won't solve the problem by itself. There are a few other things to be aware of:

• Providers don't have a unified set of scopes, and each one treats them differently. It will need a list of allowed/supported scopes and translation for each one.
• mapUser in every provider should be adjusted to support it.
• It is unclear where to put those extra fields. Probably email can go to User.Email but generally I don't like this idea as email, IP just a form of attributes intended to be set by client hooks.

Generally speaking, the decision to limit the scope to just a necessary minimum was a deliberate part of the design, and the goal was to minimize the info auth layer can access and pass. I have some use cases with post-auth "Registration" and this seems to be the right place to ask the user for the email and anything else. This info can be stored separately and populated into token's attributes as a part of user-defined ClaimsUpdater.

If you can figure a simple and non-intrusive way to support extra scopes we can discuss it and, maybe, allow such customization.