[GH-ISSUE #42] Verify OAuth token includes required scopes #6

New issue

Open

opened 2026-02-26 04:36:28 +03:00 by kerem · 0 comments

kerem commented

2026-02-26 04:36:28 +03:00

Owner

Originally created by @moollaza on GitHub (Oct 31, 2019).
Original GitHub issue: https://github.com/moollaza/repo-remover/issues/42

Background

TheTokenForm currently validates the token by making an API call to see if GitHub responds with a user, but it doesn't verify the token has the required scopes.

Without the requires scopes (repo, delete_repo) the user will not be able to archive/delete any repos.

Solution

Find a way to check the X-OAuth-Scopes header in the API response, inside TheTokenForm.vue. It should contain delete_repo, repo

Originally created by @moollaza on GitHub (Oct 31, 2019). Original GitHub issue: https://github.com/moollaza/repo-remover/issues/42 ## Background TheTokenForm currently validates the token by making an API call to see if GitHub responds with a user, but it doesn't verify the token has the required scopes. Without the requires scopes (repo, delete_repo) the user will not be able to archive/delete any repos. ## Solution Find a way to check the `X-OAuth-Scopes` header in the API response, inside `TheTokenForm.vue`. It should contain `delete_repo, repo`