ThisIsMissEm
commented
5 months ago Nice work @akirk ! Had a skim through the code, but I'll leave that to the wordpress experts (not a flavour of php I'm used to)
Closed akirk closed 5 months ago
ThisIsMissEm
commented
5 months ago Nice work @akirk ! Had a skim through the code, but I'll leave that to the wordpress experts (not a flavour of php I'm used to)
When authorizing an app, we now display the requested scopes on the login screen:
Subscopes are displayed like this:
The scopes are now also enforced: If an app then tried to request an api endpoint where it doesn't have permission, and api based error will be returned, for example (screenshot from the Mastodon API Tester):
Thanks @thisismissem for pointing out this missing part of the plugin!