From 82c6a0aeb4c854a544a229fb2c1bac2c811707c3 Mon Sep 17 00:00:00 2001
From: Crypta Electrica <crypta@crypta.tech>
Date: Sun, 8 Sep 2024 00:09:23 +0930
Subject: [PATCH] feat: remove publicData scope when not required

---
 src/Http/Controllers/Auth/SsoController.php | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/Http/Controllers/Auth/SsoController.php b/src/Http/Controllers/Auth/SsoController.php
index c35e91b89..2b438007e 100644
--- a/src/Http/Controllers/Auth/SsoController.php
+++ b/src/Http/Controllers/Auth/SsoController.php
@@ -77,6 +77,11 @@ public function redirectToProvider($profile = null)
                 $used_scopes = $token->scopes;
         }
 
+        if (count($used_scopes) > 1){
+            if (($key = array_search('publicData', $used_scopes)) !== false) {
+                unset($used_scopes[$key]);
+            }
+        }
         // Store the scopes we are sending to CCP in the session so we can
         // validate the JWT response contains the right scopes.
         session()->put('scopes', $used_scopes);