From c18efaa33d2a6b1447c9076e99ef96906d5e12b5 Mon Sep 17 00:00:00 2001
From: Adarnof <adarnof@gmail.com>
Date: Thu, 22 Feb 2018 13:27:47 -0500
Subject: [PATCH] Default login scopes to publicData

We need a refresh token to monitor character ownership but don't need any scopes explicitly. publicData provides no private information but grants a refresh token.

https://github.com/ccpgames/sso-issues/issues/17

Rumor has it this scope isn't going away with CREST.

adarnauth-esi will automatically create a new scope model when it encounters one it doesn't recognize.
---
 .../project_template/project_name/settings/base.py        | 2 +-
 .../project_template/project_name/settings/local.py       | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/allianceauth/project_template/project_name/settings/base.py b/allianceauth/project_template/project_name/settings/base.py
index f59a3eac..6fd5bdea 100644
--- a/allianceauth/project_template/project_name/settings/base.py
+++ b/allianceauth/project_template/project_name/settings/base.py
@@ -187,7 +187,7 @@ LOGIN_REDIRECT_URL = 'authentication:dashboard'  # destination after logging out
 # - absolute urls eg 'http://example.com/dashboard'
 
 # scopes required on new tokens when logging in. Cannot be blank.
-LOGIN_TOKEN_SCOPES = ['esi-characters.read_opportunities.v1']
+LOGIN_TOKEN_SCOPES = ['publicData']
 
 # number of days email verification links are valid for
 ACCOUNT_ACTIVATION_DAYS = 1
diff --git a/allianceauth/project_template/project_name/settings/local.py b/allianceauth/project_template/project_name/settings/local.py
index 412b3016..b16165b7 100644
--- a/allianceauth/project_template/project_name/settings/local.py
+++ b/allianceauth/project_template/project_name/settings/local.py
@@ -35,10 +35,10 @@ DATABASES['default'] = {
 }
 """
 
-# Register an application at https://developers.eveonline.com
-# and fill out these settings. Be sure to set the callback URL to
-# https://example.com/sso/callback substituting your domain for example.com
-# Select all available scopes starting with esi-
+# Register an application at https://developers.eveonline.com for Authentication
+# & API Access and fill out these settings. Be sure to set the callback URL
+# to https://example.com/sso/callback substituting your domain for example.com
+# Select publicData and all available scopes starting with esi-
 ESI_SSO_CLIENT_ID = ''
 ESI_SSO_CLIENT_SECRET = ''
 ESI_SSO_CALLBACK_URL = ''