Open main menu

Overview

"Scope" defines the permissions granted to the application. Some cloud storage providers have a lot of "scopes", some have only a few. Usually these are listed while users allow access to their storage, so we should ask only for those permissions we really need.

Dropbox

Dropbox has only two scopes: one is to get access to the whole user's storage and the other is to ask access to App Folder only.

ScummVM uses the latter. Scope is selected when application is created and it seems one can't change it later.

OneDrive

OneDrive has the following scopes (https://dev.onedrive.com/auth/msa_oauth.htm#authentication-scopes):

  • offline_access - provides refresh_token;
  • onedrive.readonly - read-only access to all user's files;
  • onedrive.readwrite - read and write access to all user's files;
  • onedrive.appfolder - read and write access to a special App Folder.

ScummVM uses onedrive.appfolder offline_access. These are passed as "scope" GET parameter in the OAuth link.

Google Drive

Google Drive has different scopes (https://developers.google.com/drive/v3/web/about-auth#OAuth2Authorizing). The most important for us are:

Application Data folder is completely hidden from user, thus ScummVM uses https://www.googleapis.com/auth/drive.file and creates "ScummVM" folder in the root. Scope is passed as "scope" GET parameter in the OAuth link.

Because the app is restricted to its own files, users can not place files in the google drive manually.

Box

Box has special scopes for Organisation and Application Users management, but there is only one scope for Files: get whole access to Box storage.

ScummVM uses that one. Scopes are set in application settings within developer's page.