
add AVATAR_URL scope, use ScopeE instead of Scope

Son NK hace 6 años
padre
commit
2a59bf5e23

+ 2 - 2
app/developer/templates/developer/index.html

@@ -60,10 +60,10 @@
 
                 <td class="align-middle">
                   <ul class="list-unstyled mb-0">
-                    {% for scope in client.scopes %}
+                    {% for scope in client.get_scopes() %}
                       <li>
                         <i class="fe fe-check"></i>
-                        {{ scope.name }}
+                        {{ scope.value }}
                       </li>
                     {% endfor %}
                   </ul>

+ 22 - 4
app/models.py

@@ -267,6 +267,10 @@ class Client(db.Model, ModelMixin):
     def nb_user(self):
         return ClientUser.filter_by(client_id=self.id).count()
 
+    def get_scopes(self) -> [ScopeE]:
+        # todo: client can choose which scopes they want to have access
+        return [ScopeE.NAME, ScopeE.EMAIL, ScopeE.AVATAR_URL]
+
     @classmethod
     def create_new(cls, name, user_id) -> "Client":
         # generate a client-id
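Review bot: get_scopes() returns the same three scopes for every client, so the callers switched over in this commit no longer consult the per-client `client.scopes` rows. As far as these hunks show, that means every client starts receiving `avatar_url` through get_user_info(), including clients that users authorized before this scope existed. The todo records the intent, but until per-client selection exists the widening should be stated in a docstring, e.g. `"""Scopes granted to this client. Currently fixed for all clients; the stored client.scopes rows are ignored."""`. The return annotation `-> [ScopeE]` is a list literal rather than a type; `-> List[ScopeE]` with `from typing import List` says what is meant. The body of create_new continues outside the hunk.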
@@ -383,15 +387,29 @@ class ClientUser(db.Model, ModelMixin):
 
     def get_user_info(self) -> dict:
         """return user info according to client scope
-        Return dict with key being scope name
+        Return dict with key being scope name. For now all the fields are the same for all clients:
+
+        {
+          "client": "Demo",
+          "email": "test-avk5l@mail-tester.com",
+          "email_verified": true,
+          "id": 1,
+          "name": "Son GM",
+          "avatar_url": "http://s3..."
+        }
 
         """
         res = {"id": self.id, "client": self.client.name, "email_verified": True}
 
-        for scope in self.client.scopes:
-            if scope.name == ScopeE.NAME.value:
+        for scope in self.client.get_scopes():
+            if scope == ScopeE.NAME:
                 res[ScopeE.NAME.value] = self.user.name
-            elif scope.name == ScopeE.EMAIL.value:
+            elif scope == ScopeE.AVATAR_URL:
+                if self.user.profile_picture_id:
+                    res[ScopeE.AVATAR_URL.value] = self.user.profile_picture.get_url()
+                else:
+                    res[ScopeE.AVATAR_URL.value] = None
+            elif scope == ScopeE.EMAIL:
                 # Use generated email
                 if self.gen_email_id:
                     LOG.debug(
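Review bot: The new AVATAR_URL branch puts whatever `profile_picture.get_url()` returns into the dict handed to the third-party client, and the docstring example (`http://s3...`) suggests a direct storage link. If get_url() produces a pre-signed URL, it acts as a bearer link to the object and stops working once the signature expires, so it deserves a comment on the branch such as `# NOTE: URL is sent to the client as-is; confirm its lifetime and that it exposes only the avatar object`. The docstring sample also writes `true` where the Python dict holds `True`. get_user_info continues past the end of the hunk.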

+ 15 - 4
app/oauth/templates/oauth/authorize.html

@@ -19,8 +19,19 @@
           </div>
 
           <ul>
-            {% for scope in client.scopes %}
-              <li>{{ scope.name }}: {{ user_info[scope.name] }}</li>
+            {% for scope in client.get_scopes() %}
+              <li style="margin-top: .4rem">
+                {% if scope == ScopeE.AVATAR_URL %}
+                  {{ scope.value }}: <img src="{{ user_info[scope.value] }}" class="avatar">
+                {% elif scope == ScopeE.EMAIL %}
+                  {{ scope.value }}:
+                  <a href="mailto:{{ user_info[scope.value] }}">
+                    {{ user_info[scope.value] }}
+                  </a>
+                {% elif scope == ScopeE.NAME %}
+                  {{ scope.value }}: <b>{{ user_info[scope.value] }}</b>
+                {% endif %}
+              </li>
             {% endfor %}
           </ul>
         {% else %}
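Review bot: When the user has no profile picture, get_user_info() sets `avatar_url` to None, and with Jinja's default rendering the AVATAR_URL branch here emits `<img src="None">`, which shows a broken image and makes the browser request a relative URL named `None`. Guard the tag, for example `{% if user_info[scope.value] %}<img src="{{ user_info[scope.value] }}" class="avatar" alt="avatar">{% else %}(none){% endif %}`. The `if/elif` chain also has no `else`, so any other scope get_scopes() may return later renders as an empty `<li>`. The enclosing `{% if %}` opens outside the hunk.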
@@ -29,8 +40,8 @@
           </div>
 
           <ul>
-            {% for scope in client.scopes %}
-              <li>{{ scope.name }}</li>
+            {% for scope in client.get_scopes() %}
+              <li>{{ scope.value }}</li>
             {% endfor %}
           </ul>
         {% endif %}

+ 2 - 2
app/oauth/templates/oauth/authorize_nonlogin_user.html

@@ -5,8 +5,8 @@
     <b>{{ client.name }}</b> &nbsp; would like to have access to your following data:
 
     <ul class="mt-3">
-      {% for scope in client.scopes %}
-        <li>{{ scope.name }}</li>
+      {% for scope in client.get_scopes() %}
+        <li>{{ scope.value }}</li>
       {% endfor %}
     </ul>
 

+ 6 - 2
app/oauth/views/authorize.py

@@ -17,7 +17,7 @@ from app.models import (
     OauthToken,
 )
 from app.oauth.base import oauth_bp
-from app.oauth_models import get_response_types, ResponseType
+from app.oauth_models import get_response_types, ResponseType, ScopeE
 from app.utils import random_string, encode_url
 
 
@@ -73,7 +73,11 @@ def authorize():
                 user_info = client_user.get_user_info()
 
             return render_template(
-                "oauth/authorize.html", client=client, user_info=user_info
+                "oauth/authorize.html",
+                client=client,
+                user_info=user_info,
+                client_user=client_user,
+                ScopeE=ScopeE,
             )
         else:
             # after user logs in, redirect user back to this page

+ 1 - 0
app/oauth_models.py

@@ -10,6 +10,7 @@ class ScopeE(enum.Enum):
     EMAIL = "email"
     NAME = "name"
     OPENID = "openid"
+    AVATAR_URL = "avatar_url"
 
 
 class ResponseType(enum.Enum):