Add setting for authorize options

config/locales/server.en.yml

@@ -13,4 +13,5 @@ en:
     oauth2_email_verified: "Check this if the OAuth2 site has verified the email"
     oauth2_send_auth_header: "Send the token as an HTTP Authorization header"
     oauth2_debug_auth: "Include rich debugging information in your logs"
+    oauth2_authorize_options: "When authorizing request these options"
 

config/settings.yml

@@ -14,6 +14,9 @@ login:
   oauth2_email_verified: false
   oauth2_send_auth_header: true
   oauth2_debug_auth: false
+  oauth2_authorize_options:
+    default: 'scope'
+    type: list
   oauth2_button_title:
     default: 'with OAuth2'
     client: true

plugin.rb

@@ -20,6 +20,8 @@ class OAuth2BasicAuthenticator < ::Auth::OAuth2Authenticator
                           authorize_url: SiteSetting.oauth2_authorize_url,
                           token_url: SiteSetting.oauth2_token_url
                         }
+                        opts[:authorize_options] = SiteSetting.oauth2_authorize_options.split("|").map(&:to_sym)
+
                         if SiteSetting.oauth2_send_auth_header?
                           opts[:token_params] = {headers: {'Authorization' => basic_auth_header }}
                         end