paul121
commented
3 years ago I'm going to close this. All that is required to support 2.x scopes is adding additional scopes to the AGGREGATOR_OAUTH_SCOPES var in the .env file. If an aggregator is supporting both 1.x and 2.x servers, some scopes may only work for one version or the either. This can be denoted in the scope's description.
For fully managed use cases this shouldn't be a problem.
For 1x we've been using the
user_accessscope. In 2x, this same functionality can be configured on the actual consumer client (see http://2x.farmos.org/development/module/oauth/).Additionally, in 2x our scopes will largely be Drupal Roles. This doesn't create any changes to the OAuth authorization or scope mechanisms, might require thinking of any "business logic" changes in the Aggregator.
It's still early stages and aside from the consumer config options (see docs linked above), we don't have explicit needs for other OAuth scopes...yet!