From c7b753bbeaf5561f49fe7a809f7d3cab8b032098 Mon Sep 17 00:00:00 2001
From: Peter Sanchez <peter@netlandish.com>
Date: Tue, 16 May 2023 14:32:34 -0600
Subject: [PATCH] Displaying scope access in metadata

---
 routes.go | 20 +++++++++++++++++++-
 1 file changed, 19 insertions(+), 1 deletion(-)

diff --git a/routes.go b/routes.go
index a29b1d2..c306e08 100644
--- a/routes.go
+++ b/routes.go
@@ -674,6 +674,24 @@ func (s *Service) OAuthMetadata(c echo.Context) error {
 		return err
 	}
 
+	var scopes []string
+	for _, scope := range s.config.Scopes {
+		parts := strings.Split(scope, ":")
+		if len(parts) > 1 {
+			access := parts[1]
+			if access != "RO" && access != "RW" {
+				parts = parts[:1] // Invalid access, reset
+				scope = parts[0]
+			} else {
+				scopes = append(scopes, fmt.Sprintf("%s:%s", parts[0], parts[1]))
+			}
+		}
+		if len(parts) == 1 {
+			scopes = append(scopes, fmt.Sprintf("%s:RO", scope))
+			scopes = append(scopes, fmt.Sprintf("%s:RW", scope))
+		}
+	}
+
 	ret := struct {
 		Issuer        string   `json:"issuer"`
 		AuthEndpoint  string   `json:"authorization_endpoint"`
@@ -688,7 +706,7 @@ func (s *Service) OAuthMetadata(c echo.Context) error {
 		Issuer:        origin,
 		AuthEndpoint:  aURL,
 		TokenEndpoint: tURL,
-		Scopes:        s.config.Scopes,
+		Scopes:        scopes,
 		Responses:     []string{"code"},
 		Grants:        []string{"authorization_code"},
 		Doc:           s.config.DocumentationURL,
-- 
2.45.2