From f03ba6d66ee3fdf0177614b94fd615dd05f95b01 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?K=C3=A9vin=20Chalet?=
Date: Thu, 28 Sep 2017 07:04:11 +0200
Subject: [PATCH] Add aud, exp, iat, iss and sub to the list of default claims exposed by the discovery endpoint
---
 src/OpenIddict/OpenIddictOptions.cs | 9 +++-
 .../OpenIddictProviderTests.Discovery.cs | 49 ++++++++++++++++++-
 2 files changed, 55 insertions(+), 3 deletions(-)
diff --git a/src/OpenIddict/OpenIddictOptions.cs b/src/OpenIddict/OpenIddictOptions.cs
index cf4c62e9..42bfca1c 100644
--- a/src/OpenIddict/OpenIddictOptions.cs
+++ b/src/OpenIddict/OpenIddictOptions.cs
@@ -38,7 +38,14 @@ namespace OpenIddict
 ///
 /// Gets the OAuth2/OpenID Connect claims supported by this application.
 ///
- public ISet Claims { get; } = new HashSet(StringComparer.Ordinal);
+ public ISet Claims { get; } = new HashSet(StringComparer.Ordinal)
+ {
+ OpenIdConnectConstants.Claims.Audience,
+ OpenIdConnectConstants.Claims.ExpiresAt,
+ OpenIdConnectConstants.Claims.IssuedAt,
+ OpenIdConnectConstants.Claims.Issuer,
+ OpenIdConnectConstants.Claims.Subject
+ };
 ///
 /// Gets or sets a boolean indicating whether token revocation should be disabled.
diff --git a/test/OpenIddict.Tests/OpenIddictProviderTests.Discovery.cs b/test/OpenIddict.Tests/OpenIddictProviderTests.Discovery.cs
index 4eb047b5..73b85c80 100644
--- a/test/OpenIddict.Tests/OpenIddictProviderTests.Discovery.cs
+++ b/test/OpenIddict.Tests/OpenIddictProviderTests.Discovery.cs
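Review bot: The XML summary on `Claims` in OpenIddictOptions.cs still reads as if the set starts empty, but the initializer now seeds it with aud, exp, iat, iss and sub, so a server that never touched this option will start publishing `claims_supported` in its discovery document after upgrading. The doc comment should state the defaults and how to opt out, for example `/// Contains aud, exp, iat, iss and sub by default; call Clear() to omit claims_supported from the discovery document.` The opt-out is inferred from the test change in OpenIddictProviderTests.Discovery.cs, which now calls `options.Claims.Clear()` to get a response without that parameter. The class body continues outside the hunk.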
@@ -65,9 +65,31 @@ namespace OpenIddict.Tests
 Assert.Contains(flow, types);
 }
+ [Fact]
+ public async Task HandleConfigurationRequest_NoSupportedScopesPropertyIsReturnedWhenNoScopeIsConfigured()
+ {
+ // Arrange
+ var server = CreateAuthorizationServer(builder =>
+ {
+ builder.Configure(options =>
+ {
+ options.GrantTypes.Remove(OpenIdConnectConstants.GrantTypes.RefreshToken);
+ options.Scopes.Clear();
+ });
+ });
+
+ var client = new OpenIdConnectClient(server.CreateClient());
+
+ // Act
+ var response = await client.GetAsync(ConfigurationEndpoint);
+
+ // Assert
+ Assert.False(response.HasParameter(OpenIdConnectConstants.Metadata.ScopesSupported));
+ }
+
 [Theory]
 [InlineData(OpenIdConnectConstants.Scopes.OpenId)]
- public async Task HandleConfigurationRequest_DefaultScopesAreAutomaticallyReturned(string scope)
+ public async Task HandleConfigurationRequest_DefaultScopesAreReturned(string scope)
 {
 // Arrange
 var server = CreateAuthorizationServer();
@@ -147,7 +169,10 @@ namespace OpenIddict.Tests
 public async Task HandleConfigurationRequest_NoSupportedClaimsPropertyIsReturnedWhenNoClaimIsConfigured()
 {
 // Arrange
- var server = CreateAuthorizationServer();
+ var server = CreateAuthorizationServer(builder =>
+ {
+ builder.Configure(options => options.Claims.Clear());
+ });
 var client = new OpenIdConnectClient(server.CreateClient());
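Review bot: In `HandleConfigurationRequest_NoSupportedScopesPropertyIsReturnedWhenNoScopeIsConfigured`, the line `options.GrantTypes.Remove(OpenIdConnectConstants.GrantTypes.RefreshToken);` has no explanation, and the test name mentions only scopes. Presumably an enabled refresh token grant makes the server advertise a scope of its own, so `options.Scopes.Clear()` alone would not remove `scopes_supported`. If that is the reason, say so above the line, e.g. `// The refresh token grant contributes a scope to the discovery document, so it has to be removed as well.` Anyone relying on `Scopes.Clear()` alone to stop advertising scopes would otherwise have no hint that a second step is needed.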
@@ -158,6 +183,26 @@ namespace OpenIddict.Tests
 Assert.False(response.HasParameter(OpenIdConnectConstants.Metadata.ClaimsSupported));
 }
+ [Theory]
+ [InlineData(OpenIdConnectConstants.Claims.Audience)]
+ [InlineData(OpenIdConnectConstants.Claims.ExpiresAt)]
+ [InlineData(OpenIdConnectConstants.Claims.IssuedAt)]
+ [InlineData(OpenIdConnectConstants.Claims.Issuer)]
+ [InlineData(OpenIdConnectConstants.Claims.Subject)]
+ public async Task HandleConfigurationRequest_DefaultClaimsAreReturned(string claim)
+ {
+ // Arrange
+ var server = CreateAuthorizationServer();
+
+ var client = new OpenIdConnectClient(server.CreateClient());
+
+ // Act
+ var response = await client.GetAsync(ConfigurationEndpoint);
+
+ // Assert
+ Assert.Contains(claim, ((JArray) response[OpenIdConnectConstants.Metadata.ClaimsSupported]).Values());
+ }
+
 [Fact]
 public async Task HandleConfigurationRequest_ConfiguredClaimsAreReturned()
 {
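Review bot: The assertion in `HandleConfigurationRequest_DefaultClaimsAreReturned` casts `response[OpenIdConnectConstants.Metadata.ClaimsSupported]` to `JArray` and dereferences it without first checking that the parameter is present. A regression that drops `claims_supported` would therefore probably surface as a null-reference or cast exception rather than a clear assertion failure. Add `Assert.True(response.HasParameter(OpenIdConnectConstants.Metadata.ClaimsSupported));` before the `Assert.Contains` line. The theory also builds a new server and fetches the document once per claim; a single fact asserting all five values on one response would cover the same ground. The `HandleConfigurationRequest_ConfiguredClaimsAreReturned` test that follows continues outside the hunk.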