Translating scopes to claims is not something that should happen at the RP.

rohe · rohe · commit 109f86ae4163 · 2019-11-24T09:21:23.000+01:00
diff --git a/src/oidcmsg/oidc/__init__.py b/src/oidcmsg/oidc/__init__.py
@@ -1135,30 +1135,6 @@ class ClaimsRequest(Message):
         }
 
 
-SCOPE2CLAIMS = {
-    "openid": ["sub"],
-    "profile": ["name", "given_name", "family_name", "middle_name",
-                "nickname", "profile", "picture", "website", "gender",
-                "birthdate", "zoneinfo", "locale", "updated_at",
-                "preferred_username"],
-    "email": ["email", "email_verified"],
-    "address": ["address"],
-    "phone": ["phone_number", "phone_number_verified"],
-    "offline_access": []
-    }
-
-
-def scope2claims(scopes):
-    res = {}
-    for scope in scopes:
-        try:
-            claims = dict([(name, None) for name in SCOPE2CLAIMS[scope]])
-            res.update(claims)
-        except KeyError:
-            continue
-    return res
-
-
 def factory(msgtype, **kwargs):
     for name, obj in inspect.getmembers(sys.modules[__name__]):
         if inspect.isclass(obj) and issubclass(obj, Message):
@@ -1195,7 +1171,7 @@ def claims_match(value, claimspec):
     Implements matching according to section 5.5.1 of
     http://openid.net/specs/openid-connect-core-1_0.html
     The lack of value is not checked here.
-    Also the text doesn't prohibit claims specification having both 'value' 
+    Also the text doesn't prohibit claims specification having both 'value'
     and 'values'.
 
     :param value: single value
diff --git a/tests/test_6_oidc.py b/tests/test_6_oidc.py
@@ -49,7 +49,6 @@
 from oidcmsg.oidc import factory
 from oidcmsg.oidc import msg_ser
 from oidcmsg.oidc import msg_ser_json
-from oidcmsg.oidc import scope2claims
 from oidcmsg.oidc import verified_claim_name
 from oidcmsg.time_util import utc_time_sans_frac
 
@@ -985,24 +984,6 @@ def test_factory_chain():
     assert list(dr.keys()) == ['error']
 
 
-def test_scope2claims():
-    assert scope2claims(['openid']) == {'sub': None}
-    assert set(scope2claims(['profile']).keys()) == {
-        "name", "given_name", "family_name", "middle_name", "nickname",
-        "profile", "picture", "website", "gender", "birthdate", "zoneinfo",
-        "locale", "updated_at", "preferred_username"}
-    assert set(scope2claims(['email']).keys()) == {"email", "email_verified"}
-    assert set(scope2claims(['address']).keys()) == {'address'}
-    assert set(scope2claims(['phone']).keys()) == {"phone_number",
-                                                   "phone_number_verified"}
-    assert scope2claims(['offline_access']) == {}
-
-    assert scope2claims(['openid', 'email', 'phone']) == {
-        'sub': None, "email": None, "email_verified": None,
-        "phone_number": None, "phone_number_verified": None
-        }
-
-
 def test_dict_deser():
     _info = {'foo': 'bar'}
 
