OIDC: Add "scopes_supported" to openid-configuration. #1106

Merged
merged 3 commits into from
Jan 27, 2022
4 changes: 4 additions & 0 deletions CHANGELOG.md
Expand Up @@ -18,6 +18,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0

## [2.0.0] unreleased

### Added
* #1106 Add "scopes_supported" to the [ConnectDiscoveryInfoView](https://django-oauth-toolkit.readthedocs.io/en/latest/oidc.html#connectdiscoveryinfoview).
This completes the view to provide all the REQUIRED and RECOMMENDED [OpenID Provider Metadata](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata).

### Changed
* #1093 (**Breaking**) Changed to implement [hashed](https://docs.djangoproject.com/en/stable/topics/auth/passwords/)
client_secret values. This is a **breaking change** that will migrate all your existing
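Review bot: The new "Added" entry states that the view now provides all REQUIRED and RECOMMENDED provider metadata, but it does not say where the advertised scope values come from. Since the list is taken from the configured scopes backend, consider adding a sentence that every scope the backend returns becomes visible in the discovery document, so people upgrading can check that no internal scope names are published unintentionally.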
7 changes: 6 additions & 1 deletion oauth2_provider/views/oidc.py
Expand Up @@ -18,7 +18,8 @@

class ConnectDiscoveryInfoView(OIDCOnlyMixin, View):
"""
View used to show oidc provider configuration information
View used to show oidc provider configuration information per
`OpenID Provider Metadata <https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata>`_
"""

def get(self, request, *args, **kwargs):
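Review bot: In the ConnectDiscoveryInfoView docstring the summary sentence now wraps onto a second line and the first line ends in "per", so any tool that shows only the first docstring line will display a dangling fragment. Keep the original one-line summary, then add a blank line and put the OpenID Provider Metadata reference in the docstring body.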
Expand Down Expand Up @@ -49,13 +50,17 @@ def get(self, request, *args, **kwargs):
validator_class = oauth2_settings.OAUTH2_VALIDATOR_CLASS
validator = validator_class()
oidc_claims = list(set(validator.get_discovery_claims(request)))
scopes_class = oauth2_settings.SCOPES_BACKEND_CLASS
scopes = scopes_class()
scopes_supported = [scope for scope in scopes.get_available_scopes()]

data = {
"issuer": issuer_url,
"authorization_endpoint": authorization_endpoint,
"token_endpoint": token_endpoint,
"userinfo_endpoint": userinfo_endpoint,
"jwks_uri": jwks_uri,
"scopes_supported": scopes_supported,
"response_types_supported": oauth2_settings.OIDC_RESPONSE_TYPES_SUPPORTED,
"subject_types_supported": oauth2_settings.OIDC_SUBJECT_TYPES_SUPPORTED,
"id_token_signing_alg_values_supported": signing_algorithms,
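Review bot: `scopes.get_available_scopes()` is called with no arguments, although `request` is available in `get()` and is already passed to `validator.get_discovery_claims(request)` on the line just above; a scopes backend whose result depends on the request would be asked for scopes without that context. Consider passing it through, for example `scopes.get_available_scopes(request=request)` if the backend accepts it, and replace the identity comprehension `[scope for scope in ...]` with `list(...)`. Everything the backend returns is now published in the discovery response; OpenID Connect Discovery allows a provider to leave some supported scopes unadvertised, so a way to filter this list may be worth adding.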
2 changes: 2 additions & 0 deletions tests/test_oidc_views.py
Expand Up @@ -17,6 +17,7 @@ def test_get_connect_discovery_info(self):
"token_endpoint": "http://localhost/o/token/",
"userinfo_endpoint": "http://localhost/o/userinfo/",
"jwks_uri": "http://localhost/o/.well-known/jwks.json",
"scopes_supported": ["read", "write", "openid"],
"response_types_supported": [
"code",
"token",
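Review bot: The expected "scopes_supported" value in test_get_connect_discovery_info is an ordered list literal, so the assertion depends on the order in which the scopes backend returns scopes rather than only on which scopes are advertised. If order is not part of the contract, compare this key as a set or a sorted list so that the test does not break when the scope settings are reordered.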
Expand Down Expand Up @@ -44,6 +45,7 @@ def test_get_connect_discovery_info_without_issuer_url(self):
"token_endpoint": "http://testserver/o/token/",
"userinfo_endpoint": "http://testserver/o/userinfo/",
"jwks_uri": "http://testserver/o/.well-known/jwks.json",
"scopes_supported": ["read", "write", "openid"],
"response_types_supported": [
"code",
"token",
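Review bot: test_get_connect_discovery_info_without_issuer_url repeats the same default ["read", "write", "openid"] expectation as the previous test, so neither test exercises a non-default SCOPES_BACKEND_CLASS. A case that overrides the backend and checks that the discovery output follows it would cover the new lookup added in the view.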