meteor – Google OAuth conditional scope, requestPermissions


I am using the Meteor Account package for OAuth login with google.

My use case is to allow users to login with google. And later, provide them options to opt for linking to Google calendar.

i.e by default I need only email/profile scope during login. And, when the user clicks the button inside the app ( like Update events to my Google calendar ), I want to get the permissions for accessing https://www.googleapis.com/auth/calendar.events.

One option I figured out is to call LoginWithGoogle the second time with the requestPermissions.
My questions are,

  1. Is this the correct way?
  2. If so, how do I prompt the user to provide permission ( without further button click) if the user is denied or revoked this access later point? i.e when getting 403 – insufficientPermissions error.
  3. What are the exceptions that I need to take care of?

Your help is highly appreciated.