From d276cd5b326a1b5f470d703676a5b3410b68db08 Mon Sep 17 00:00:00 2001 From: Piotr Sarnacki Date: Wed, 8 May 2013 13:21:46 +0200 Subject: [PATCH] Return Oauth headers even if none scope was matched If an endpoint specifies more than one scope and none of the scopes from access token matches, return oauth headers for the first of the scopes --- lib/travis/api/app/extensions/scoping.rb | 3 +++ 1 file changed, 3 insertions(+) diff --git a/lib/travis/api/app/extensions/scoping.rb b/lib/travis/api/app/extensions/scoping.rb index d932a053..5945804e 100644 --- a/lib/travis/api/app/extensions/scoping.rb +++ b/lib/travis/api/app/extensions/scoping.rb @@ -46,6 +46,9 @@ class Travis::Api::App end if !result + headers['X-OAuth-Scopes'] = scopes.map(&:to_s).join(',') + headers['X-Accepted-OAuth-Scopes'] = names.first.to_s + if env['travis.access_token'] pass { halt 403, "insufficient access" } else