dkam/clinch
1
0
Fork 0
Code Issues 4 Pull Requests Actions Packages Projects Releases Wiki Activity

OpenID Conformance: Include all required scopes when profile is requested, even if they're empty
Some checks failed
CI / scan_ruby (push) Has been cancelled
Details
CI / scan_js (push) Has been cancelled
Details
CI / scan_container (push) Has been cancelled
Details
CI / lint (push) Has been cancelled
Details
CI / test (push) Has been cancelled
Details
CI / system-test (push) Has been cancelled
Details

Browse Source
This commit is contained in:
Dan Milne
2026-01-02 15:47:40 +11:00
parent b517ebe809
commit 182682024d
2 changed files with 39 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
test/controllers/oidc_userinfo_controller_test.rb
View File

@@ -115,9 +115,25 @@ class OidcUserinfoControllerTest < ActionDispatch::IntegrationTest
# Required claims
assert json["sub"].present?
# Profile claims should be present
assert_equal @user.email_address, json["preferred_username"], "Should include preferred_username with profile scope"
assert json["name"].present?, "Should include name with profile scope"
# All standard profile claims should be present (per OIDC Core spec section 5.4)
# Some may be null if we don't have the data, but the keys should exist
assert json.key?("name"), "Should include name claim"
assert json.key?("given_name"), "Should include given_name claim (may be null)"
assert json.key?("family_name"), "Should include family_name claim (may be null)"
assert json.key?("middle_name"), "Should include middle_name claim (may be null)"
assert json.key?("nickname"), "Should include nickname claim (may be null)"
assert json.key?("preferred_username"), "Should include preferred_username claim"
assert json.key?("profile"), "Should include profile claim (may be null)"
assert json.key?("picture"), "Should include picture claim (may be null)"
assert json.key?("website"), "Should include website claim (may be null)"
assert json.key?("gender"), "Should include gender claim (may be null)"
assert json.key?("birthdate"), "Should include birthdate claim (may be null)"
assert json.key?("zoneinfo"), "Should include zoneinfo claim (may be null)"
assert json.key?("locale"), "Should include locale claim (may be null)"
assert json.key?("updated_at"), "Should include updated_at claim"
# Verify preferred_username is using username or email
assert json["preferred_username"].present?, "preferred_username should have a value"
# Email claims should NOT be present
assert_nil json["email"], "Should not include email without email scope"