From c0c23825a3b9c3d078bf1fc7df18573973bc6faf Mon Sep 17 00:00:00 2001
From: Joel Butcher <joelbutcher@users.noreply.github.com>
Date: Tue, 14 Jun 2022 08:39:02 +0100
Subject: [PATCH] [1.x] Allow scopes to be defined in config and merge with
 defaults (#9)

---
 src/FacebookServiceProvider.php      |  1 +
 src/Traits/HandlesAuthentication.php |  4 +++-
 tests/FacebookTest.php               | 15 +++++++++++++++
 3 files changed, 19 insertions(+), 1 deletion(-)

diff --git a/src/FacebookServiceProvider.php b/src/FacebookServiceProvider.php
index 08ecdc2..9bf55b0 100644
--- a/src/FacebookServiceProvider.php
+++ b/src/FacebookServiceProvider.php
@@ -121,6 +121,7 @@ protected function registerFacebook(): void
                 'app_id' => $app['config']->get('facebook.app_id'),
                 'app_secret' => $app['config']->get('facebook.app_secret'),
                 'redirect_uri' => $app['config']->get('facebook.redirect_uri'),
+                'scopes' => $app['config']->get('facebook.scopes', []),
                 'default_graph_version' => $app['config']->get('facebook.graph_version'),
                 'enable_beta_mode' => $app['config']->get('facebook.beta_mode'),
                 'persistent_data_handler' => $app[PersistentDataInterface::class],
diff --git a/src/Traits/HandlesAuthentication.php b/src/Traits/HandlesAuthentication.php
index da1754d..8a59c6b 100644
--- a/src/Traits/HandlesAuthentication.php
+++ b/src/Traits/HandlesAuthentication.php
@@ -53,7 +53,9 @@ public function getRedirect(?string $redirectUrl = null, array $scopes = []): st
             throw new \InvalidArgumentException('A valid redirect URL is required');
         }
 
-        $scopes = ! empty($scopes) ? $scopes : ($this->config['scopes'] ?? ['email', 'public_profile']);
+        $scopes = array_merge($this->config['scopes'] ?? [], [
+            'email', 'public_profile',
+        ]);
 
         return $this->getLoginHelper()->getLoginUrl($url, $scopes);
     }
diff --git a/tests/FacebookTest.php b/tests/FacebookTest.php
index 6435b9f..5726a09 100644
--- a/tests/FacebookTest.php
+++ b/tests/FacebookTest.php
@@ -67,6 +67,21 @@
     $facebook->getRedirect();
 });
 
+it('builds default scopes', function () {
+    $redirect = $this->getFacebookMock()->getRedirect();
+    $this->assertStringContainsStringIgnoringCase('scope='.urlencode('email,public_profile'), $redirect);
+});
+
+it('builds replaces duplicate scopes with defaults', function () {
+    $redirect = $this->getFacebookMock(['scopes' => ['email', 'public_profile']])->getRedirect();
+    $this->assertStringContainsStringIgnoringCase('scope='.urlencode('email,public_profile'), $redirect);
+});
+
+it('builds appends default scopes to requested', function () {
+    $redirect = $this->getFacebookMock(['scopes' => ['publish_actions']])->getRedirect();
+    $this->assertStringContainsStringIgnoringCase('scope='.urlencode('publish_actions,email,public_profile'), $redirect);
+});
+
 it('returns a valid redirect login helper instance', function () {
     $helper = $this->getFacebookMock()->getLoginHelper();
     $dataHandler = $helper->getPersistentDataHandler();