Worked on claims

Author: rohe

src/idpyoidc/client/claims/__init__.py

@@ -13,6 +13,8 @@ def get_client_authn_methods():
 
 
 class Claims(claims.Claims):
+    _supports = {}
+
     def get_base_url(self, configuration: dict, entity_id: Optional[str] = ""):
         _base = configuration.get("base_url")
         if not _base:

src/idpyoidc/client/claims/oauth2.py

@@ -3,19 +3,34 @@
 from idpyoidc.client import claims
 from idpyoidc.client.claims.transform import create_registration_request
 
+REGISTER2PREFERRED = {
+    "scope": "scopes_supported",
+    "token_endpoint_auth_signing_alg": "token_endpoint_auth_signing_alg_values_supported",
+    "response_types": "response_types_supported",
+    # "response_modes": "response_modes_supported",
+    "grant_types": "grant_types_supported",
+    "token_endpoint_auth_method": "token_endpoint_auth_methods_supported",
+    "token_auth_signing_algs": "token_auth_signing_algs_supported",
+    # 'ui_locales': 'ui_locales_supported',
+}
+
 
 class Claims(claims.Claims):
+    register2preferred = REGISTER2PREFERRED
+
     _supports = {
         "redirect_uris": None,
-        "grant_types_supported": ["authorization_code", "implicit", "refresh_token"],
+        # "scopes_supported": [],
         "response_types_supported": ["code"],
-        "client_id": None,
-        "client_secret": None,
+        # "response_modes_supported": ["query", "fragment"],
+        "grant_types_supported": ["authorization_code", "implicit", "refresh_token"],
+        "token_endpoint_auth_methods_supported": ["none", "client_secret_post", "client_secret_basic"],
+        # "token_auth_signing_algs_supported": metadata.get_signing_algs(),
         "client_name": None,
         "client_uri": None,
         "logo_uri": None,
+        "scope": None,
         "contacts": None,
-        "scopes_supported": [],
         "tos_uri": None,
         "policy_uri": None,
         "jwks_uri": None,

src/idpyoidc/client/claims/oidc.py

@@ -70,6 +70,7 @@ class Claims(client_claims.Claims):
         "client_name": None,
         "client_secret": None,
         "client_uri": None,
+        "code_challenge_methods_supported": None,
         "contacts": None,
         "default_max_age": 86400,
         "encrypt_id_token_supported": None,

src/idpyoidc/client/claims/transform.py

@@ -51,10 +51,10 @@
 
 
 def supported_to_preferred(
-    supported: dict,
-    preference: dict,
-    base_url: str,
-    info: Optional[dict] = None,
+        supported: dict,
+        preference: dict,
+        base_url: str,
+        info: Optional[dict] = None,
 ):
     if info:  # The provider info
         for key, val in supported.items():
@@ -83,7 +83,7 @@ def supported_to_preferred(
                         preference[key] = [x for x in val if x in _info_val]
                     else:
                         pass
-                else:
+                elif val:
                     preference[key] = val
 
         # special case -> must have a request_uris value
@@ -148,7 +148,7 @@ def _intersection(a, b):
 
 
 def preferred_to_registered(
-    prefers: dict, supported: dict, registration_response: Optional[dict] = None
+        prefers: dict, supported: dict, registration_response: Optional[dict] = None
 ):
     """
     The claims with values that are returned from the OP is what goes unless (!!)
@@ -219,4 +219,10 @@ def create_registration_request(prefers: dict, supported: dict) -> dict:
             continue
 
         _request[key] = array_or_singleton(spec, value)
+
+    for key, val in prefers.items():
+        if key not in RegistrationRequest.c_param.keys():
+            if key not in REGISTER2PREFERRED.values():
+                _request[key] = val
+
     return _request

src/idpyoidc/client/oauth2/authorization.py

@@ -31,8 +31,7 @@ class Authorization(Service):
 
     _supports = {
         "response_types_supported": ["code"],
-        "response_modes_supported": ["query", "fragment"],
-        "grant_types": []
+        "grant_types": None
     }
 
     _callback_path = {

src/idpyoidc/server/claims/oauth2.py

@@ -39,7 +39,7 @@ class Claims(claims.Claims):
     def __init__(self, prefer: Optional[dict] = None, callback_path: Optional[dict] = None):
         claims.Claims.__init__(self, prefer=prefer, callback_path=callback_path)
 
-    def provider_info(self, supports, schema: Optional[Message] = None):
+    def metadata(self, supports, schema: Optional[Message] = None):
         _info = {}
         if schema is None:
             schema = ASConfigurationResponse

src/idpyoidc/server/endpoint_context.py

@@ -247,8 +247,9 @@ def __init__(
             metadata_schema = conf.conf.get("metadata_schema", None)
         if metadata_schema:
             metadata_schema = importer(metadata_schema)
-        self.provider_info = self.get_provider_info(_supports, schema=metadata_schema)
+        self.provider_info = self.get_metadata(_supports, schema=metadata_schema)
         self.provider_info["issuer"] = self.issuer
+        self.metadata = self.provider_info
 
         # INTERFACES
 
@@ -274,12 +275,12 @@ def __init__(
         # if _id_token_handler:
         #     self.provider_info.update(_id_token_handler.provider_info)
 
-    def get_provider_info(self, supports: Optional[dict] = None, schema: Optional[Message] = None):
+    def get_metadata(self, supports: Optional[dict] = None, schema: Optional[Message] = None):
         if supports is None:
             supports = self.supports()
-        _provider_info = self.claims.provider_info(supports, schema)
-        _provider_info.update(self._get_endpoint_info())
-        return _provider_info
+        _metadata = self.claims.metadata(supports, schema)
+        _metadata.update(self._get_endpoint_info())
+        return _metadata
 
     def setup_authz(self):
         authz_spec = self.conf.get("authz")