From 9d9347af412e7d039cd91067d9d653bb19528814 Mon Sep 17 00:00:00 2001
From: Markus Valentin <markus.valentin@open-xchange.com>
Date: Mon, 24 Jun 2019 16:03:37 +0200
Subject: [PATCH] lib-oauth2: append scope to the access request payload

---
 src/lib-oauth2/oauth2-request.c | 4 ++++
 src/lib-oauth2/oauth2.h         | 2 ++
 2 files changed, 6 insertions(+)

diff --git a/src/lib-oauth2/oauth2-request.c b/src/lib-oauth2/oauth2-request.c
index 660ccbefd2..b9f0076e1f 100644
--- a/src/lib-oauth2/oauth2-request.c
+++ b/src/lib-oauth2/oauth2-request.c
@@ -253,6 +253,10 @@ oauth2_passwd_grant_start(const struct oauth2_settings *set,
 	http_url_escape_param(payload, set->client_id);
 	str_append(payload, "&client_secret=");
 	http_url_escape_param(payload, set->client_secret);
+	if (set->scope[0] != '\0') {
+		str_append(payload, "&scope=");
+		http_url_escape_param(payload, set->scope);
+	}
 
 	return oauth2_request_start(set, input, callback, context,
 				    pool, "POST", set->grant_url,
diff --git a/src/lib-oauth2/oauth2.h b/src/lib-oauth2/oauth2.h
index b6f5876139..aaacfeb209 100644
--- a/src/lib-oauth2/oauth2.h
+++ b/src/lib-oauth2/oauth2.h
@@ -28,6 +28,8 @@ struct oauth2_settings {
 	const char *client_id;
 	/* client secret for oauth2 server */
 	const char *client_secret;
+	/* access request scope for oauth2 server (optional) */
+	const char *scope;
 	enum {
 		INTROSPECTION_MODE_GET_AUTH,
 		INTROSPECTION_MODE_GET,
-- 
2.47.3