From 1d8f9eaddebf965d66904e094f2c0deb2dc14808 Mon Sep 17 00:00:00 2001
From: Markus Koller
Date: Wed, 5 Oct 2016 16:54:55 +0200
Subject: [PATCH] feature: Add supported claims to discovery response
---
 README.md | 4 ++--
 .../openid_connect/discovery_controller.rb | 16 ++++++++++++++++
 .../openid_connect/discovery_controller_spec.rb | 13 +++++++++++++
 .../openid_connect/userinfo_controller_spec.rb | 2 +-
 .../initializers/doorkeeper_openid_connect.rb | 4 ++++
 5 files changed, 36 insertions(+), 3 deletions(-)
diff --git a/README.md b/README.md
index 08e2d99..2302662 100644
--- a/README.md
+++ b/README.md
@@ -58,11 +58,11 @@ Add the following to your config/initializers/doorkeeper_openid_connect.rb:
 # expiration 600
 claims do
- claim :_foo_ do |resource_owner|
+ normal_claim :_foo_ do |resource_owner|
 resource_owner.foo
 end
- claim :_bar_ do |resource_owner|
+ normal_claim :_bar_ do |resource_owner|
 resource_owner.bar
 end
 end
diff --git a/app/controllers/doorkeeper/openid_connect/discovery_controller.rb b/app/controllers/doorkeeper/openid_connect/discovery_controller.rb
index 0116396..593dde9 100644
--- a/app/controllers/doorkeeper/openid_connect/discovery_controller.rb
+++ b/app/controllers/doorkeeper/openid_connect/discovery_controller.rb
@@ -53,6 +53,22 @@ def provider_response
 id_token_signing_alg_values_supported: [
 'RS256',
 ],
+
+ claim_types_supported: [
+ 'normal',
+
+ # TODO: support these
+ #'aggregated',
+ #'distributed',
+ ],
+
+ claims_supported: [
+ 'iss',
+ 'sub',
+ 'aud',
+ 'exp',
+ 'iat',
+ ] | openid_connect.claims.to_h.keys,
 }
 end
diff --git a/spec/controllers/doorkeeper/openid_connect/discovery_controller_spec.rb b/spec/controllers/doorkeeper/openid_connect/discovery_controller_spec.rb
index 0b74b5e..7be8973 100644
--- a/spec/controllers/doorkeeper/openid_connect/discovery_controller_spec.rb
+++ b/spec/controllers/doorkeeper/openid_connect/discovery_controller_spec.rb
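Review bot: In `claims_supported` in discovery_controller.rb, the union `] | openid_connect.claims.to_h.keys` mixes string literals with whatever key type the claims configuration returns; the dummy initializer registers `normal_claim :name` with a symbol, so the keys are probably symbols, and `|` will not dedupe `:sub` against `'sub'`. A custom claim that reuses a standard name would then show up twice once the array is rendered as JSON; `] | openid_connect.claims.to_h.keys.map(&:to_s),` avoids that. Separately, this advertises every configured claim name in the discovery document, which is normally readable without authentication, and the OpenID Connect Discovery spec allows the list to be non-exhaustive for privacy reasons, so an opt-out for internal claim names may be worth considering. `provider_response` begins above the hunk.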
@@ -30,6 +30,19 @@
 'id_token_signing_alg_values_supported' => [
 'RS256',
 ],
+
+ 'claim_types_supported' => [
+ 'normal',
+ ],
+
+ 'claims_supported' => [
+ 'iss',
+ 'sub',
+ 'aud',
+ 'exp',
+ 'iat',
+ 'name',
+ ],
 }.sort)
 end
diff --git a/spec/controllers/doorkeeper/openid_connect/userinfo_controller_spec.rb b/spec/controllers/doorkeeper/openid_connect/userinfo_controller_spec.rb
index 99c544c..d7b1666 100644
--- a/spec/controllers/doorkeeper/openid_connect/userinfo_controller_spec.rb
+++ b/spec/controllers/doorkeeper/openid_connect/userinfo_controller_spec.rb
@@ -13,7 +13,7 @@
 get :show, access_token: token.token
 expect(response.status).to eq 200
- expect(response.body).to eq %Q{{"sub":"#{user.id}"}}
+ expect(response.body).to eq %Q{{"sub":"#{user.id}","name":"Joe"}}
 end
 end
diff --git a/spec/dummy/config/initializers/doorkeeper_openid_connect.rb b/spec/dummy/config/initializers/doorkeeper_openid_connect.rb
index c43bd0b..087ed06 100644
--- a/spec/dummy/config/initializers/doorkeeper_openid_connect.rb
+++ b/spec/dummy/config/initializers/doorkeeper_openid_connect.rb
@@ -50,4 +50,8 @@
 subject do |resource_owner|
 resource_owner.id
 end
+
+ claims do
+ normal_claim :name, &:name
+ end
 end
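Review bot: The updated expectation in userinfo_controller_spec.rb now requires `"name":"Joe"` in the userinfo body, but nothing visible in the hunk ties that claim to a scope granted to `token`; if the token only carries `openid`, the spec pins down returning profile data without the matching scope. Stating the token's scopes next to the request would make the intent reviewable, for example a comment such as `# token scopes: <scopes>; custom claims are returned regardless of scope`, or a second example showing the claim is withheld when the scope is absent. The raw string comparison is also sensitive to key order; `expect(JSON.parse(response.body)).to eq('sub' => user.id.to_s, 'name' => 'Joe')` would be sturdier. The example block begins above the hunk.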