Update HandleConfigurationRequest to use the new HandleConfigurationRequestContext.Claims property

8 years ago · f17db7496d
4 changed files with 16 additions and 16 deletions
--- a/build/dependencies.props
+++ b/build/dependencies.props
@ -2,7 +2,7 @@

  <PropertyGroup Label="Package Versions">
    <AspNetContribOpenIdExtensionsVersion>2.0.0-rc3-0307</AspNetContribOpenIdExtensionsVersion>
-    <AspNetContribOpenIdServerVersion>2.0.0-rc3-1371</AspNetContribOpenIdServerVersion>
+    <AspNetContribOpenIdServerVersion>2.0.0-rc3-1376</AspNetContribOpenIdServerVersion>
    <AspNetCoreVersion>2.0.0</AspNetCoreVersion>
    <CoreFxVersion>4.4.0</CoreFxVersion>
    <CryptoHelperVersion>3.0.2</CryptoHelperVersion>
--- a/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Discovery.cs
+++ b/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Discovery.cs
@ -8,7 +8,6 @@ using System.Threading.Tasks;
 using AspNet.Security.OpenIdConnect.Primitives;
 using AspNet.Security.OpenIdConnect.Server;
 using JetBrains.Annotations;
-using Newtonsoft.Json.Linq;

 namespace OpenIddict.Server
 {
@ -30,14 +29,11 @@ namespace OpenIddict.Server
            context.GrantTypes.Clear();
            context.GrantTypes.UnionWith(options.GrantTypes);

-            // Only return the scopes configured by the developer.
+            // Only return the scopes and the claims configured by the developer.
            context.Scopes.Clear();
            context.Scopes.UnionWith(options.Scopes);
-
-            // Note: claims_supported is a recommended parameter but is not strictly required.
-            // If no claim was registered, the claims_supported property will be automatically
-            // excluded from the response by the OpenID Connect server middleware.
-            context.Metadata[OpenIdConnectConstants.Metadata.ClaimsSupported] = new JArray(options.Claims);
+            context.Claims.Clear();
+            context.Claims.UnionWith(options.Claims);

            // Note: the optional claims/request/request_uri parameters are not supported
            // by OpenIddict, so "false" is returned to encourage clients not to use them.
--- a/src/OpenIddict.Server/OpenIddictServerOptions.cs
+++ b/src/OpenIddict.Server/OpenIddictServerOptions.cs
@ -56,6 +56,7 @@ namespace OpenIddict.Server
            OpenIdConnectConstants.Claims.ExpiresAt,
            OpenIdConnectConstants.Claims.IssuedAt,
            OpenIdConnectConstants.Claims.Issuer,
+            OpenIdConnectConstants.Claims.JwtId,
            OpenIdConnectConstants.Claims.Subject
        };

--- a/test/OpenIddict.Server.Tests/Internal/OpenIddictServerProviderTests.Discovery.cs
+++ b/test/OpenIddict.Server.Tests/Internal/OpenIddictServerProviderTests.Discovery.cs
@ -4,6 +4,7 @@
 * the license and the contributors participating to this project.
 */

+using System.Linq;
 using System.Threading.Tasks;
 using AspNet.Security.OpenIdConnect.Client;
 using AspNet.Security.OpenIdConnect.Primitives;
@ -178,13 +179,8 @@ namespace OpenIddict.Server.Tests
            Assert.False(response.HasParameter(OpenIdConnectConstants.Metadata.ClaimsSupported));
        }

-        [Theory]
-        [InlineData(OpenIdConnectConstants.Claims.Audience)]
-        [InlineData(OpenIdConnectConstants.Claims.ExpiresAt)]
-        [InlineData(OpenIdConnectConstants.Claims.IssuedAt)]
-        [InlineData(OpenIdConnectConstants.Claims.Issuer)]
-        [InlineData(OpenIdConnectConstants.Claims.Subject)]
-        public async Task HandleConfigurationRequest_DefaultClaimsAreReturned(string claim)
+        [Fact]
+        public async Task HandleConfigurationRequest_DefaultClaimsAreReturned()
        {
            // Arrange
            var server = CreateAuthorizationServer();
@ -193,9 +189,16 @@ namespace OpenIddict.Server.Tests

            // Act
            var response = await client.GetAsync(ConfigurationEndpoint);
+            var claims = ((JArray) response[OpenIdConnectConstants.Metadata.ClaimsSupported]).Values<string>().ToArray();

            // Assert
-            Assert.Contains(claim, ((JArray) response[OpenIdConnectConstants.Metadata.ClaimsSupported]).Values<string>());
+            Assert.Equal(6, claims.Length);
+            Assert.Contains(OpenIdConnectConstants.Claims.Audience, claims);
+            Assert.Contains(OpenIdConnectConstants.Claims.ExpiresAt, claims);
+            Assert.Contains(OpenIdConnectConstants.Claims.IssuedAt, claims);
+            Assert.Contains(OpenIdConnectConstants.Claims.Issuer, claims);
+            Assert.Contains(OpenIdConnectConstants.Claims.JwtId, claims);
+            Assert.Contains(OpenIdConnectConstants.Claims.Subject, claims);
        }

        [Fact]