Add aud, exp, iat, iss and sub to the list of default claims exposed by the discovery endpoint

8 years ago · f03ba6d66e
2 changed files with 55 additions and 3 deletions
--- a/src/OpenIddict/OpenIddictOptions.cs
+++ b/src/OpenIddict/OpenIddictOptions.cs
@ -38,7 +38,14 @@ namespace OpenIddict
        /// <summary>
        /// Gets the OAuth2/OpenID Connect claims supported by this application.
        /// </summary>
-        public ISet<string> Claims { get; } = new HashSet<string>(StringComparer.Ordinal);
+        public ISet<string> Claims { get; } = new HashSet<string>(StringComparer.Ordinal)
+        {
+            OpenIdConnectConstants.Claims.Audience,
+            OpenIdConnectConstants.Claims.ExpiresAt,
+            OpenIdConnectConstants.Claims.IssuedAt,
+            OpenIdConnectConstants.Claims.Issuer,
+            OpenIdConnectConstants.Claims.Subject
+        };

        /// <summary>
        /// Gets or sets a boolean indicating whether token revocation should be disabled.
--- a/test/OpenIddict.Tests/OpenIddictProviderTests.Discovery.cs
+++ b/test/OpenIddict.Tests/OpenIddictProviderTests.Discovery.cs
@ -65,9 +65,31 @@ namespace OpenIddict.Tests
            Assert.Contains(flow, types);
        }

+        [Fact]
+        public async Task HandleConfigurationRequest_NoSupportedScopesPropertyIsReturnedWhenNoScopeIsConfigured()
+        {
+            // Arrange
+            var server = CreateAuthorizationServer(builder =>
+            {
+                builder.Configure(options =>
+                {
+                    options.GrantTypes.Remove(OpenIdConnectConstants.GrantTypes.RefreshToken);
+                    options.Scopes.Clear();
+                });
+            });
+
+            var client = new OpenIdConnectClient(server.CreateClient());
+
+            // Act
+            var response = await client.GetAsync(ConfigurationEndpoint);
+
+            // Assert
+            Assert.False(response.HasParameter(OpenIdConnectConstants.Metadata.ScopesSupported));
+        }
+
        [Theory]
        [InlineData(OpenIdConnectConstants.Scopes.OpenId)]
-        public async Task HandleConfigurationRequest_DefaultScopesAreAutomaticallyReturned(string scope)
+        public async Task HandleConfigurationRequest_DefaultScopesAreReturned(string scope)
        {
            // Arrange
            var server = CreateAuthorizationServer();
@ -147,7 +169,10 @@ namespace OpenIddict.Tests
        public async Task HandleConfigurationRequest_NoSupportedClaimsPropertyIsReturnedWhenNoClaimIsConfigured()
        {
            // Arrange
-            var server = CreateAuthorizationServer();
+            var server = CreateAuthorizationServer(builder =>
+            {
+                builder.Configure(options => options.Claims.Clear());
+            });

            var client = new OpenIdConnectClient(server.CreateClient());

@ -158,6 +183,26 @@ namespace OpenIddict.Tests
            Assert.False(response.HasParameter(OpenIdConnectConstants.Metadata.ClaimsSupported));
        }

+        [Theory]
+        [InlineData(OpenIdConnectConstants.Claims.Audience)]
+        [InlineData(OpenIdConnectConstants.Claims.ExpiresAt)]
+        [InlineData(OpenIdConnectConstants.Claims.IssuedAt)]
+        [InlineData(OpenIdConnectConstants.Claims.Issuer)]
+        [InlineData(OpenIdConnectConstants.Claims.Subject)]
+        public async Task HandleConfigurationRequest_DefaultClaimsAreReturned(string claim)
+        {
+            // Arrange
+            var server = CreateAuthorizationServer();
+
+            var client = new OpenIdConnectClient(server.CreateClient());
+
+            // Act
+            var response = await client.GetAsync(ConfigurationEndpoint);
+
+            // Assert
+            Assert.Contains(claim, ((JArray) response[OpenIdConnectConstants.Metadata.ClaimsSupported]).Values<string>());
+        }
+
        [Fact]
        public async Task HandleConfigurationRequest_ConfiguredClaimsAreReturned()
        {