Support OAuth Scopes & Update Token Data Limits#160
Support OAuth Scopes & Update Token Data Limits#160stratoghost wants to merge 5 commits intothedevdojo:mainfrom
Conversation
There was a problem hiding this comment.
Pull Request Overview
This pull request enhances OAuth functionality by adding support for configurable scopes and increasing token storage capacity. The changes enable dynamic OAuth scope configuration per provider while expanding database storage limits for tokens.
- Database schema updates to change token columns from varchar to text for increased storage capacity
- OAuth scope support with dynamic configuration from provider settings
- Data handling improvements to convert scope arrays to comma-separated strings
Reviewed Changes
Copilot reviewed 4 out of 4 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
database/migrations/2025_08_03_213559_change_token_to_text_on_social_provider_users_table.php |
Migration to change token column from string(400) to text type |
database/migrations/2025_08_03_213701_change_refresh_token_to_text_on_social_provider_users_table.php |
Migration to change refresh_token column from string to text type |
src/Http/Controllers/SocialController.php |
Added dynamic OAuth scope configuration in redirect method |
src/Models/SocialProvider.php |
Added logic to convert scope arrays to comma-separated strings |
...migrations/2025_08_03_213701_change_refresh_token_to_text_on_social_provider_users_table.php
Outdated
Show resolved
Hide resolved
…text_on_social_provider_users_table.php Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
|
Finally! Hopefully this gets merged soon. |
|
@stratoghost, thanks for the contribution. I'm looking it over and if the tests pass I can get this merged in real soon :) Thanks! |
|
Hey @stratoghost, It looks like the tests are failing, but that's not your fault. There was a change that was needed to get the pest and dusk tests to pass which I have merged here: #162. Go ahead and merge main into your branch and that should solve the issue. Hit me up when you've done that and I can get this merged in and in the next release. Appreciate it 🤘 |
|
@stratoghost, I've gone ahead and created a pull request on your branch: stratoghost#1, to merge in main. That will include a fix so the tests will pass. Go ahead and merge that in and then the tests will re-run here and pass and I can get it merged in. Really appreciate it 🙏 |
This PR fixes missing OAuth scopes during the social auth redirect and widens token columns to handle long provider tokens.
Why
scopessetting, but we weren’t passing it on redirect. That breaks flows that need extra permissions.What changed
Social auth
SocialController@redirect: reads provider config and applies the configured scopes to the redirect.SocialProvider::getRows: ifscopesis an array, store it as a comma-separated string.Database
tokenonsocial_provider_user→text. Down migrates tostring(400).2025_08_03_213559_change_token_to_text_on_social_provider_users_table.php
refresh_tokenonsocial_provider_user→text. Down migrates tostring(191|400).2025_08_03_213701_change_refresh_token_to_text_on_social_provider_users_table.php
Controller update
Model update
Config example
Testing
dev-mainMigration notes
php artisan config:clearImpact
Reason for the PR
I opened this for DevDojo Auth because
scopesexisted in provider setup, but the redirect ignored them. This applies the scopes and prevents token truncation seen with some custom Socialite providers.