Return Oauth headers even if none scope was matched

If an endpoint specifies more than one scope and none of the scopes from access token matches, return oauth headers for the first of the scopes
2013-05-08 13:21:46 +02:00 · 2013-05-08 13:21:46 +02:00 · d276cd5b32
commit d276cd5b32
parent cdabec540d
1 changed files with 3 additions and 0 deletions
--- a/lib/travis/api/app/extensions/scoping.rb
+++ b/lib/travis/api/app/extensions/scoping.rb
@ -46,6 +46,9 @@ class Travis::Api::App
          end

          if !result
+            headers['X-OAuth-Scopes'] = scopes.map(&:to_s).join(',')
+            headers['X-Accepted-OAuth-Scopes'] = names.first.to_s
+
            if env['travis.access_token']
              pass { halt 403, "insufficient access" }
            else