fix: only assign Discovery 1.0 defaults when Issuer is discovered
When calling new Issuer({ ... }) the Discovery 1.0 defaults will not be
assigned on the instance anymore.
panva committed Aug 23, 2018
1 parent 2aed999 commit dca60b8
Showing 4 changed files with 35 additions and 14 deletions.
1 change: 1 addition & 0 deletions lib/helpers/consts.js
@@ -16,6 +16,7 @@ const CLIENT_DEFAULTS = {
};

const ISSUER_DEFAULTS = {
claim_types_supported: ['normal'],
claims_parameter_supported: false,
grant_types_supported: ['authorization_code', 'implicit'],
request_parameter_supported: false,
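Review bot: `ISSUER_DEFAULTS` holds array values (`claim_types_supported: ['normal']`, `grant_types_supported`), and the merge in lib/issuer.js is a shallow `Object.assign`, so every discovered issuer would share the same array instances unless the constructor copies them (not visible here). A consumer that mutates `issuer.grant_types_supported` would then alter the defaults for every later discovery; freezing the arrays, e.g. `claim_types_supported: Object.freeze(['normal']),`, would stop such a mutation from propagating. A short comment above the constant, such as `// OpenID Connect Discovery 1.0 defaults; applied only to metadata fetched by Issuer.discover()`, would also record the new scope. The object literal continues outside the hunk.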
6 changes: 2 additions & 4 deletions lib/issuer.js
@@ -34,9 +34,7 @@ class Issuer {
* @name constructor
* @api public
*/
constructor(metadata) {
const meta = Object.assign({}, ISSUER_DEFAULTS, metadata);

constructor(meta = {}) {
['introspection', 'revocation'].forEach((endpoint) => {
// e.g. defaults introspection_endpoint to token_introspection_endpoint value
if (
@@ -218,7 +216,7 @@ class Issuer {
const wellKnownUri = url.format(Object.assign({}, parsed, { pathname }));
return this.httpClient.get(wellKnownUri, this.httpOptions())
.then(expectResponseWithBody(200))
.then(response => new this(JSON.parse(response.body)));
.then(response => new this(Object.assign({}, ISSUER_DEFAULTS, JSON.parse(response.body))));
}))
.catch((err) => {
if (err instanceof pAny.AggregateError) {
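Review bot: `constructor(meta = {})` now works directly on the caller's object, where the removed line built a copy with `Object.assign({}, ISSUER_DEFAULTS, metadata)`. If the loop that follows writes the endpoint fallbacks described in its comment onto `meta` (its body is outside the hunk), a hand-built configuration object passed to `new Issuer()` would be modified in place, and `new Issuer(null)` would reach that loop with `meta === null` because a default parameter only replaces `undefined`. Keeping a defensive copy without the defaults covers both: `constructor(metadata) {` followed by `const meta = Object.assign({}, metadata);`. On the discovery path, `JSON.parse(response.body)` is remote input and is merged without checking that it is a plain object, and a `null` value in the document would override a default; a type check before the merge is worth considering.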
24 changes: 24 additions & 0 deletions test/issuer/discover_issuer.test.js
@@ -166,6 +166,30 @@ const fail = () => { throw new Error('expected promise to be rejected'); };
});
});

it('assigns Discovery 1.0 defaults', function () {
nock('https://op.example.com', { allowUnmocked: true })
.get('/.well-known/openid-configuration')
.reply(200, {
authorization_endpoint: 'https://op.example.com/o/oauth2/v2/auth',
issuer: 'https://op.example.com',
jwks_uri: 'https://op.example.com/oauth2/v3/certs',
token_endpoint: 'https://op.example.com/oauth2/v4/token',
userinfo_endpoint: 'https://op.example.com/oauth2/v3/userinfo',
});

return Issuer.discover('https://op.example.com')
.then((issuer) => {
expect(issuer).to.have.property('claims_parameter_supported', false);
expect(issuer).to.have.property('grant_types_supported').to.eql(['authorization_code', 'implicit']);
expect(issuer).to.have.property('request_parameter_supported', false);
expect(issuer).to.have.property('request_uri_parameter_supported', true);
expect(issuer).to.have.property('require_request_uri_registration', false);
expect(issuer).to.have.property('response_modes_supported').to.eql(['query', 'fragment']);
expect(issuer).to.have.property('claim_types_supported').to.eql(['normal']);
expect(issuer).to.have.property('token_endpoint_auth_methods_supported').to.eql(['client_secret_basic']);
});
});

it('is rejected with OpenIdConnectError upon oidc error', function () {
nock('https://op.example.com', { allowUnmocked: true })
.get('/.well-known/openid-configuration')
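Review bot: The new test only covers a discovery document that omits every defaulted field, so it would still pass if the merge order in `discover()` were reversed and the defaults overwrote what the provider advertises. Values such as `token_endpoint_auth_methods_supported` describe how the provider expects clients to authenticate, so precedence is worth pinning with a companion case: reply with, for example, `claims_parameter_supported: true` and assert `expect(issuer).to.have.property('claims_parameter_supported', true);`.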
18 changes: 8 additions & 10 deletions test/issuer/new_issuer.test.js
@@ -22,18 +22,16 @@ describe('new Issuer()', function () {
expect(issuer).to.have.property('userinfo_endpoint', 'https://www.googleapis.com/oauth2/v3/userinfo');
});

it('assigns defaults to some properties', function () {
it('does not assign Discovery 1.0 defaults when instantiating manually', function () {
const issuer = new Issuer();

expect(issuer).to.have.property('claims_parameter_supported', false);
expect(issuer).to.have.property('grant_types_supported')
.to.eql(['authorization_code', 'implicit']);
expect(issuer).to.have.property('request_parameter_supported', false);
expect(issuer).to.have.property('request_uri_parameter_supported', true);
expect(issuer).to.have.property('require_request_uri_registration', false);
expect(issuer).to.have.property('response_modes_supported').to.eql(['query', 'fragment']);
expect(issuer).to.have.property('token_endpoint_auth_methods_supported')
.to.eql(['client_secret_basic']);
expect(issuer).not.to.have.property('claims_parameter_supported');
expect(issuer).not.to.have.property('grant_types_supported');
expect(issuer).not.to.have.property('request_parameter_supported');
expect(issuer).not.to.have.property('request_uri_parameter_supported');
expect(issuer).not.to.have.property('require_request_uri_registration');
expect(issuer).not.to.have.property('response_modes_supported');
expect(issuer).not.to.have.property('token_endpoint_auth_methods_supported');
});

['introspection', 'revocation'].forEach((endpoint) => {
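Review bot: The negative assertions list seven properties but leave out `claim_types_supported`, which the discovery test in this commit treats as one of the defaults. Adding `expect(issuer).not.to.have.property('claim_types_supported');` keeps the two tests symmetrical. Iterating over `Object.keys(ISSUER_DEFAULTS)` instead of a hand-written list would keep the test from drifting when another default is added, assuming the constant can be required from `lib/helpers/consts.js` in this test file.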
