Merge pull request #57 from ctriant/fix_registration

Fix registration after fedservice refactor

Author: rohe

src/idpyoidc/server/oidc/registration.py

@@ -16,6 +16,7 @@
 from idpyoidc.message.oidc import RegistrationRequest
 from idpyoidc.message.oidc import RegistrationResponse
 from idpyoidc.server.endpoint import Endpoint
+from idpyoidc.server.exception import CapabilitiesMisMatch
 from idpyoidc.server.exception import InvalidRedirectURIError
 from idpyoidc.server.exception import InvalidSectorIdentifier
 from idpyoidc.time_util import utc_time_sans_frac
@@ -155,7 +156,11 @@ def match_claim(self, claim, val):
                     else:
                         return None
                 else:
-                    return list(set(_val).intersection(set(val)))
+                    _ret = list(set(_val).intersection(set(val)))
+                    if len(_ret) > 0:
+                        return _ret
+                    else:
+                        raise CapabilitiesMisMatch(_my_key)
             else:
                 if val == _val:
                     return val
@@ -407,7 +412,13 @@ def client_registration_setup(self, request, new_id=True, set_secret=True):
         request.rm_blanks()
         _context = self.upstream_get("context")
 
-        request = self.filter_client_request(request)
+        try:
+            request = self.filter_client_request(request)
+        except CapabilitiesMisMatch as err:
+            return ResponseMessage(
+                error="invalid_request",
+                error_description="Don't support proposed %s" % err,
+            )
 
         if new_id:
             if self.kwargs.get("client_id_generator"):

tests/test_server_23_oidc_registration_endpoint.py

@@ -338,6 +338,15 @@ def test_register_initiate_login_uri_wrong_scheme(self):
         assert "error" in _resp
         assert _resp["error"] == "invalid_configuration_request"
 
+    def test_register_unsupported_response_type(self):
+        self.endpoint.upstream_get("context").provider_info["response_types_supported"] = ["token", "id_token"]
+        _msg = MSG.copy()
+        _msg["response_types"] = ["id_token token"]
+        _req = self.endpoint.parse_request(RegistrationRequest(**_msg).to_json())
+        _resp = self.endpoint.process_request(request=_req)
+        assert _resp["error"] == "invalid_request"
+        assert "response_type" in _resp["error_description"]
+
 
 def test_match_sp_sep():
     assert match_sp_sep("foo bar", "bar foo")