Enforcement of OAuth scopes check for authenticated API endpoints, :skip_plug plug to mark a plug explicitly skipped (disabled).

author: Ivan Tashkinov <ivantashkinov@gmail.com> 2020-04-06 10:20:44 +0300
committer: Ivan Tashkinov <ivantashkinov@gmail.com> 2020-04-06 10:20:44 +0300
commit: fc81e5a49c34224e07e85f490a30f92db0835d45 (patch)
tree: 347f7eee028404e7e1422ca94ce837bda756e3b3 /lib/pleroma/web/oauth/oauth_controller.ex
parent: 8444e7ee9651f3b1836954a3891b5ae26ee79f99 (diff)
download: pleroma-fc81e5a49c34224e07e85f490a30f92db0835d45.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/lib/pleroma/web/oauth/oauth_controller.ex b/lib/pleroma/web/oauth/oauth_controller.ex
index 46688db7e..0121cd661 100644
--- a/lib/pleroma/web/oauth/oauth_controller.ex
+++ b/lib/pleroma/web/oauth/oauth_controller.ex
@@ -27,6 +27,8 @@ defmodule Pleroma.Web.OAuth.OAuthController do
   plug(:fetch_flash)
   plug(RateLimiter, [name: :authentication] when action == :create_authorization)
 
+  plug(:skip_plug, Pleroma.Plugs.OAuthScopesPlug)
+
   action_fallback(Pleroma.Web.OAuth.FallbackController)
 
   @oob_token_redirect_uri "urn:ietf:wg:oauth:2.0:oob"
author	Ivan Tashkinov <ivantashkinov@gmail.com>	2020-04-06 10:20:44 +0300
committer	Ivan Tashkinov <ivantashkinov@gmail.com>	2020-04-06 10:20:44 +0300
commit	fc81e5a49c34224e07e85f490a30f92db0835d45 (patch)
tree	347f7eee028404e7e1422ca94ce837bda756e3b3 /lib/pleroma/web/oauth/oauth_controller.ex
parent	8444e7ee9651f3b1836954a3891b5ae26ee79f99 (diff)
download	pleroma-fc81e5a49c34224e07e85f490a30f92db0835d45.tar.gz