Description
Question 💬
TL;DR: Need to add additional OAuth scopes to an existing user account, without losing the old scopes (openid, profile, email, others...)
Use-case: After a user has signed up to our website (using the google or email provider), they can optionally opt in to grant access for Google Spreadsheets or Google Calendar Events, so an additional scope, such as https://www.googleapis.com/auth/spreadsheets, should be granted by opening a new consent screen with extended permissions / scopes. The new scope should be added to the existing account that was initiated at the first sign-up, without losing the existing scopes.
We are using the google provider. After the sign-up / login the user can grant access to additional scopes. I've seen how to open a consent screen with extended permissions / scopes (using the additional parameters in the client signIn method); the consent screen opens with the provided scope.
When the user accepts the required scope, we need to update the existing user account (scope field).
We also need a way to check if a given user has a certain scope from the REST API or the client.
We can update/get the scope field if we go directly to the database, but we are wondering if there is a better way to handle this use case using NextAuth.
Related to: How to add additional OAuth Scopes / Permissions to existing account
How to reproduce ☕️
What we are using to open the consent prompt
signIn("google", {}, { scope: joinedScopes, prompt: "consent" });
Contributing 🙌🏽
Yes, I am willing to help answer this question in a PR
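
One way to handle the scope bookkeeping described in the question, as an added example that is not part of the original issue and not NextAuth's own code. The helper names and sample scope values are constructed; `include_granted_scopes` is Google's incremental-authorization parameter, and the example assumes the account's scope field holds a space-delimited string.

```javascript
// Added example: helper names and sample values are constructed for illustration.
const SHEETS = "https://www.googleapis.com/auth/spreadsheets";

// OAuth scope strings are space-delimited (RFC 6749, section 3.3).
function parseScopes(scopeString) {
  return new Set((scopeString || "").split(/\s+/).filter(Boolean));
}

// True only if every required scope is present in the stored grant.
// Run this server-side before calling the Google API on the user's behalf.
function hasScopes(storedScope, required) {
  const granted = parseScopes(storedScope);
  return required.every((s) => granted.has(s));
}

// Authorization params for the consent prompt, or null when nothing new
// is needed (avoids re-prompting a user who already granted the scope).
function incrementalAuthParams(storedScope, wanted) {
  const granted = parseScopes(storedScope);
  const missing = wanted.filter((s) => !granted.has(s));
  if (missing.length === 0) return null;
  return {
    scope: [...granted, ...missing].join(" "),
    prompt: "consent",
    include_granted_scopes: "true",
  };
}

// Union of the stored scope field and the scope string returned with the
// new tokens. Merge what was returned, not what was requested: the user
// can decline individual permissions on the consent screen.
function mergeGrantedScopes(storedScope, returnedScope) {
  const merged = new Set([...parseScopes(storedScope), ...parseScopes(returnedScope)]);
  return [...merged].join(" ");
}

// Constructed sample data.
const stored = "openid email profile";
const params = incrementalAuthParams(stored, [SHEETS]);
const updated = mergeGrantedScopes(stored, `openid ${SHEETS}`);
console.log(params, updated, hasScopes(updated, [SHEETS]));
```

The object returned by `incrementalAuthParams` has the same shape as the third argument of the `signIn` call shown above.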