Nope, you can do it when redirecting the user to the OAuth provider:

http://blog.stochastictechnologies.com/gaining-read-only-acc...

Nice! How does that handle upgrading the permissions later? That was one of the big problems I ran into before: that we requested read access and then to get write access we had to have users first revoke permissions and then grant them again (a nonstarter.)

I'm not sure, unfortunately, but I assume that if you log the user in and out, requesting read-write permission the second time, it will ask.

Thanks!