Ask for an additional read:org OAuth scope

This is to facilitate:
- requesting teams for review on `pr create`
- allowing `repo create ORG/REPO --team TEAM`

auth/oauth.go

@@ -11,6 +11,7 @@ import (
 	"net/http"
 	"net/url"
 	"os"
+	"strings"
 
 	"github.com/cli/cli/pkg/browser"
 )
@@ -29,6 +30,7 @@ type OAuthFlow struct {
 	Hostname         string
 	ClientID         string
 	ClientSecret     string
+	Scopes           []string
 	WriteSuccessHTML func(io.Writer)
 	VerboseStream    io.Writer
 }
@@ -45,11 +47,15 @@ func (oa *OAuthFlow) ObtainAccessToken() (accessToken string, err error) {
 	}
 	port := listener.Addr().(*net.TCPAddr).Port
 
+	scopes := "repo"
+	if oa.Scopes != nil {
+		scopes = strings.Join(oa.Scopes, " ")
+	}
+
 	q := url.Values{}
 	q.Set("client_id", oa.ClientID)
 	q.Set("redirect_uri", fmt.Sprintf("http://127.0.0.1:%d/callback", port))
-	// TODO: make scopes configurable
+	q.Set("scope", scopes)
-	q.Set("scope", "repo")
 	q.Set("state", state)
 
 	startURL := fmt.Sprintf("https://%s/login/oauth/authorize?%s", oa.Hostname, q.Encode())

context/config_setup.go

@@ -36,6 +36,7 @@ func setupConfigFile(filename string) (*configEntry, error) {
 		Hostname:     oauthHost,
 		ClientID:     oauthClientID,
 		ClientSecret: oauthClientSecret,
+		Scopes:       []string{"repo", "read:org"},
 		WriteSuccessHTML: func(w io.Writer) {
 			fmt.Fprintln(w, oauthSuccessPage)
 		},