diff --git a/htdocs/admin/oauth.php b/htdocs/admin/oauth.php
index 25afbaad943..df64d2843f6 100644
--- a/htdocs/admin/oauth.php
+++ b/htdocs/admin/oauth.php
@@ -88,7 +88,7 @@ $head = oauthadmin_prepare_head();
dol_fiche_head($head, 'services', '', -1, 'technic');
-print $langs->trans("ListOfSupportedOauthProviders").'
';
+print ''.$langs->trans("ListOfSupportedOauthProviders").'
';
print '';
diff --git a/htdocs/admin/oauthlogintokens.php b/htdocs/admin/oauthlogintokens.php
index 01d36898c78..61496dbf30e 100644
--- a/htdocs/admin/oauthlogintokens.php
+++ b/htdocs/admin/oauthlogintokens.php
@@ -122,7 +122,7 @@ dol_fiche_head($head, 'tokengeneration', '', -1, 'technic');
if ($mode == 'setup' && $user->admin)
{
- print $langs->trans("OAuthSetupForLogin")."
\n";
+ print ''.$langs->trans("OAuthSetupForLogin")."
\n";
foreach ($list as $key)
{
@@ -135,14 +135,17 @@ if ($mode == 'setup' && $user->admin)
if ($key[0] == 'OAUTH_GITHUB_NAME')
{
$OAUTH_SERVICENAME = 'GitHub';
- $urltorenew = $urlwithroot.'/core/modules/oauth/github_oauthcallback.php?state=user,public_repo&backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php');
+ $state='user,public_repo'; // List of keys that will be converted into scopes (from constants 'SCOPE_state_in_uppercase' in file of service)
+ $urltorenew = $urlwithroot.'/core/modules/oauth/github_oauthcallback.php?state='.$state.'&backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php');
$urltodelete = $urlwithroot.'/core/modules/oauth/github_oauthcallback.php?action=delete&backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php');
$urltocheckperms = 'https://github.com/settings/applications/';
}
elseif ($key[0] == 'OAUTH_GOOGLE_NAME')
{
$OAUTH_SERVICENAME = 'Google';
- $urltorenew = $urlwithroot.'/core/modules/oauth/google_oauthcallback.php?state=userinfo_email,userinfo_profile,cloud_print&backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php');
+ $state='userinfo_email,userinfo_profile,cloud_print'; // List of keys that will be converted into scopes (from constants 'SCOPE_state_in_uppercase' in file of service)
+ //$state.=',gmail_full';
+ $urltorenew = $urlwithroot.'/core/modules/oauth/google_oauthcallback.php?state='.$state.'&backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php');
$urltodelete = $urlwithroot.'/core/modules/oauth/google_oauthcallback.php?action=delete&backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php');
$urltocheckperms = 'https://security.google.com/settings/security/permissions';
}
diff --git a/htdocs/core/modules/oauth/google_oauthcallback.php b/htdocs/core/modules/oauth/google_oauthcallback.php
index ca3060ecf22..c9fd9869caf 100644
--- a/htdocs/core/modules/oauth/google_oauthcallback.php
+++ b/htdocs/core/modules/oauth/google_oauthcallback.php
@@ -80,11 +80,13 @@ if ($action != 'delete' && empty($requestedpermissionsarray))
//var_dump($requestedpermissionsarray);exit;
// Instantiate the Api service using the credentials, http client and storage mechanism for the token
+// $requestedpermissionsarray contains list of scopes.
+// Conversion into URL is done by Reflection on constant with name SCOPE_scope_in_uppercase
/** @var $apiService Service */
$apiService = $serviceFactory->createService('Google', $credentials, $storage, $requestedpermissionsarray);
// access type needed to have oauth provider refreshing token
-// alos note that a refresh token is sent only after a prompt
+// also note that a refresh token is sent only after a prompt
$apiService->setAccessType('offline');
$apiService->setApprouvalPrompt('force');
@@ -147,7 +149,7 @@ else // If entry on page with no parameter, we arrive here
// Creation of record with state in this tables depend on the Provider used (see its constructor).
if (GETPOST('state'))
{
- $url = $apiService->getAuthorizationUri(array('state'=>GETPOST('state')));
+ $url = $apiService->getAuthorizationUri(array('state'=>GETPOST('state')));
}
else
{