Merge pull request #1127 from hectorj2f/add_code_challenge_method_support

oidc: add code challenge supported methods to the discovery doc
This commit is contained in:
Margo Crawford 2022-04-19 11:23:57 -07:00 committed by GitHub
commit c40bca5e65
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 4 additions and 0 deletions

View File

@ -37,6 +37,7 @@ type Metadata struct {
TokenEndpointAuthMethodsSupported []string `json:"token_endpoint_auth_methods_supported"` TokenEndpointAuthMethodsSupported []string `json:"token_endpoint_auth_methods_supported"`
ScopesSupported []string `json:"scopes_supported"` ScopesSupported []string `json:"scopes_supported"`
ClaimsSupported []string `json:"claims_supported"` ClaimsSupported []string `json:"claims_supported"`
CodeChallengeMethodsSupported []string `json:"code_challenge_methods_supported"`
// ^^^ Optional ^^^ // ^^^ Optional ^^^
@ -64,6 +65,7 @@ func NewHandler(issuerURL string) http.Handler {
SubjectTypesSupported: []string{"public"}, SubjectTypesSupported: []string{"public"},
IDTokenSigningAlgValuesSupported: []string{"ES256"}, IDTokenSigningAlgValuesSupported: []string{"ES256"},
TokenEndpointAuthMethodsSupported: []string{"client_secret_basic"}, TokenEndpointAuthMethodsSupported: []string{"client_secret_basic"},
CodeChallengeMethodsSupported: []string{"S256"},
ScopesSupported: []string{"openid", "offline"}, ScopesSupported: []string{"openid", "offline"},
ClaimsSupported: []string{"groups"}, ClaimsSupported: []string{"groups"},
} }

View File

@ -46,6 +46,7 @@ func TestDiscovery(t *testing.T) {
"id_token_signing_alg_values_supported": ["ES256"], "id_token_signing_alg_values_supported": ["ES256"],
"token_endpoint_auth_methods_supported": ["client_secret_basic"], "token_endpoint_auth_methods_supported": ["client_secret_basic"],
"scopes_supported": ["openid", "offline"], "scopes_supported": ["openid", "offline"],
"code_challenge_methods_supported": ["S256"],
"claims_supported": ["groups"], "claims_supported": ["groups"],
"discovery.supervisor.pinniped.dev/v1alpha1": { "discovery.supervisor.pinniped.dev/v1alpha1": {
"pinniped_identity_providers_endpoint": "https://some-issuer.com/some/path/v1alpha1/pinniped_identity_providers" "pinniped_identity_providers_endpoint": "https://some-issuer.com/some/path/v1alpha1/pinniped_identity_providers"

View File

@ -505,6 +505,7 @@ func requireWellKnownEndpointIsWorking(t *testing.T, supervisorScheme, superviso
"scopes_supported": ["openid", "offline"], "scopes_supported": ["openid", "offline"],
"response_types_supported": ["code"], "response_types_supported": ["code"],
"response_modes_supported": ["query", "form_post"], "response_modes_supported": ["query", "form_post"],
"code_challenge_methods_supported": ["S256"],
"claims_supported": ["groups"], "claims_supported": ["groups"],
"discovery.supervisor.pinniped.dev/v1alpha1": {"pinniped_identity_providers_endpoint": "%s/v1alpha1/pinniped_identity_providers"}, "discovery.supervisor.pinniped.dev/v1alpha1": {"pinniped_identity_providers_endpoint": "%s/v1alpha1/pinniped_identity_providers"},
"subject_types_supported": ["public"], "subject_types_supported": ["public"],