From 937eca9f79c11e9623043c0e3cf1219ec38b77ed Mon Sep 17 00:00:00 2001
From: Michael Bumann <hello@michaelbumann.com>
Date: Fri, 8 May 2020 14:38:18 +0200
Subject: [PATCH] Limit google oauth scope

we only need access to the tinyforms created sheets
---
 config/initializers/sorcery.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/config/initializers/sorcery.rb b/config/initializers/sorcery.rb
index a03a61f..fd79ede 100644
--- a/config/initializers/sorcery.rb
+++ b/config/initializers/sorcery.rb
@@ -156,7 +156,7 @@ Rails.application.config.sorcery.configure do |config|
   config.google.secret = ENV['GOOGLE_CLIENT_SECRET']
   config.google.callback_url = (ENV['GOOGLE_AUTH_CALLBACK_URL'] || 'http://localhost:3000/oauth/callback?provider=google')
   config.google.user_info_mapping = { email: 'email', name: 'name', google_id: 'id' }
-  config.google.scope = 'https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/spreadsheets'
+  config.google.scope = 'https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/drive.file'
   config.google.auth_url = '/o/oauth2/auth?access_type=offline&include_granted_scopes=true'
   #
   # For Microsoft Graph, the key will be your App ID, and the secret will be your app password/public key.