[ProviderInfoDiscovery] Keep unknown scopes

.coveragerc

@@ -0,0 +1,3 @@
+# .coveragerc to control coverage.py
+[run]
+source = .

.travis.yml

@@ -0,0 +1,34 @@
+sudo: false
+language: python
+python:
+- 3.6
+- 3.7
+- 3.8
+- pypy3
+addons:
+  apt:
+    packages:
+    -
+install:
+- pip install codecov
+- pip install tox
+- pip install isort
+- pip install tox-travis
+- pip install responses
+script:
+- codecov --version
+- tox
+- isort --check src tests
+after_success:
+- codecov
+notifications:
+  email: false
+deploy:
+  provider: pypi
+  on:
+    tags: true
+  distributions: bdist_wheel
+  skip_existing: true
+  user: __token__
+  password:
+    secure: AH3jGGXVjV/oOlg4cOnsN7pURlZ7JMcd3Prr69Q++rxfsrmFpxCPtQLpO0LUNPisfyctoImpY64auNMHh20AHdlnvXQu8k/YFZCVcyK6N2d66wgJbO9AOT21N6IkFGyW11K3lYIHzURv9RsTEhzSkOhKmPUack5UhSJ+yAUTZXpt6iZqXBvmxMNzNiCLQdUmTMj4HxxkUVPabpef8PLqyDXvAxJxOCss+QcJVZuWFs85Niw0scTkU4SWz2lhOxeqQNg8s+CEgje2KaIoRy2kETywK53G3RFkSp5ytIJPp8RQK039laeal5yjMsWP4KlbDhHrywyNN7yS69FwPuLC41ppde5G054WcuJTm60Y2uckGu6L3oTBMHsAtSfZuEym/qfDngxYADA+xrATJQF5XSrCz13IiBnoz8Y9zI7t9s66PZSBHg99L85jM45M2kJYCDKxNPffJ/JzCnAMTP0yiBMEQ/UfguMDfJMw+6oSPzGcZHuQVzjLO5mUni71X528Psd/iEYCyN+Vi1QbvDZjbNo/oOLtvegOcnu/H1tGWkH4uEXsg2giqkld2hrZi6K3KfcpPtltuP66Z6ohMqcLegqGUNr8mPMP2I58p7if/6xLEu1e7MNZuoV459bnWepoNMMug2NLq/WIPCiGLNCyV4tdbzqcZQLNwjc5ruFLoz8=

setup.py

@@ -62,9 +62,9 @@ def run_tests(self):
     classifiers=[
         "Development Status :: 4 - Beta",
         "License :: OSI Approved :: Apache Software License",
-        "Programming Language :: Python :: 3.5",
         "Programming Language :: Python :: 3.6",
         "Programming Language :: Python :: 3.7",
+        "Programming Language :: Python :: 3.8",
         "Topic :: Software Development :: Libraries :: Python Modules"],
     install_requires=[
         "pyyaml>=5.1.0",

src/oidcservice/client_auth.py

@@ -6,15 +6,11 @@
 from cryptojwt.exception import MissingKey
 from cryptojwt.jws.utils import alg2keytype
 from oidcmsg.message import VREQUIRED
-from oidcmsg.oauth2 import AccessTokenRequest
-from oidcmsg.oauth2 import SINGLE_OPTIONAL_STRING
+from oidcmsg.oauth2 import SINGLE_OPTIONAL_STRING, AccessTokenRequest
 from oidcmsg.oidc import AuthnToken
 from oidcmsg.time_util import utc_time_sans_frac
 
-from oidcservice import DEF_SIGN_ALG
-from oidcservice import JWT_BEARER
-from oidcservice import rndstr
-from oidcservice import sanitize
+from oidcservice import DEF_SIGN_ALG, JWT_BEARER, rndstr, sanitize
 
 LOGGER = logging.getLogger(__name__)
 

src/oidcservice/oauth2/authorization.py

@@ -6,12 +6,10 @@
 from oidcmsg.oauth2 import ResponseMessage
 from oidcmsg.time_util import time_sans_frac
 
-from oidcservice.oauth2.utils import get_state_parameter
-from oidcservice.oauth2.utils import pick_redirect_uris
-from oidcservice.oauth2.utils import set_state_parameter
+from oidcservice.oauth2.utils import (get_state_parameter, pick_redirect_uris,
+                                      set_state_parameter)
 from oidcservice.service import Service
 
-
 LOGGER = logging.getLogger(__name__)
 
 

src/oidcservice/oauth2/provider_info_discovery.py

@@ -2,7 +2,6 @@
 import logging
 
 from cryptojwt.key_jar import KeyJar
-
 from oidcmsg import oauth2
 from oidcmsg.oauth2 import ResponseMessage
 

src/oidcservice/oauth2/refresh_access_token.py

@@ -8,7 +8,6 @@
 from oidcservice.oauth2.utils import get_state_parameter
 from oidcservice.service import Service
 
-
 LOGGER = logging.getLogger(__name__)
 
 

src/oidcservice/oidc/access_token.py

@@ -4,8 +4,8 @@
 from oidcmsg.oidc import verified_claim_name
 from oidcmsg.time_util import time_sans_frac
 
-from oidcservice.oauth2 import access_token
 from oidcservice.exception import ParameterError
+from oidcservice.oauth2 import access_token
 from oidcservice.oidc import IDT2REG
 
 __author__ = 'Roland Hedberg'

src/oidcservice/oidc/add_on/pkce.py

@@ -3,8 +3,7 @@
 from cryptojwt.utils import b64e
 from oidcmsg.message import Message
 
-from oidcservice import CC_METHOD
-from oidcservice import unreserved
+from oidcservice import CC_METHOD, unreserved
 from oidcservice.exception import Unsupported
 from oidcservice.oauth2.utils import get_state_parameter
 

src/oidcservice/oidc/add_on/pushed_authorization.py

@@ -1,10 +1,11 @@
 import logging
 
-import requests
 from cryptojwt import JWT
 from oidcmsg.message import Message
 from oidcmsg.oauth2 import JWTSecuredAuthorizationRequest
 
+import requests
+
 logger = logging.getLogger(__name__)
 
 

src/oidcservice/oidc/authorization.py

@@ -1,17 +1,16 @@
 import logging
 
 from oidcmsg import oidc
-from oidcmsg.oidc import make_openid_request
-from oidcmsg.oidc import verified_claim_name
+from oidcmsg.oidc import make_openid_request, verified_claim_name
 from oidcmsg.time_util import time_sans_frac
 
 from oidcservice import rndstr
 from oidcservice.exception import ParameterError
 from oidcservice.oauth2 import authorization
-from oidcservice.oidc import IDT2REG
 from oidcservice.oauth2.utils import pick_redirect_uris
-from oidcservice.oidc.utils import construct_request_uri
-from oidcservice.oidc.utils import request_object_encryption
+from oidcservice.oidc import IDT2REG
+from oidcservice.oidc.utils import (construct_request_uri,
+                                    request_object_encryption)
 
 __author__ = 'Roland Hedberg'
 

src/oidcservice/oidc/check_id.py

@@ -1,7 +1,6 @@
 import logging
 
-from oidcmsg.oauth2 import Message
-from oidcmsg.oauth2 import ResponseMessage
+from oidcmsg.oauth2 import Message, ResponseMessage
 from oidcmsg.oidc import session
 
 from oidcservice.service import Service

src/oidcservice/oidc/check_session.py

@@ -1,7 +1,6 @@
 import logging
 
-from oidcmsg.oauth2 import Message
-from oidcmsg.oauth2 import ResponseMessage
+from oidcmsg.oauth2 import Message, ResponseMessage
 from oidcmsg.oidc import session
 
 from oidcservice.service import Service

src/oidcservice/oidc/end_session.py

@@ -1,7 +1,6 @@
 import logging
 
-from oidcmsg.oauth2 import Message
-from oidcmsg.oauth2 import ResponseMessage
+from oidcmsg.oauth2 import Message, ResponseMessage
 from oidcmsg.oidc import session
 
 from oidcservice import rndstr

src/oidcservice/oidc/provider_info_discovery.py

@@ -3,8 +3,8 @@
 from oidcmsg import oidc
 from oidcmsg.oauth2 import ResponseMessage
 
-from oidcservice.oauth2 import provider_info_discovery
 from oidcservice.exception import ConfigurationError
+from oidcservice.oauth2 import provider_info_discovery
 
 __author__ = 'Roland Hedberg'
 
@@ -103,6 +103,7 @@ def match_preferences(self, pcr=None, issuer=None):
         """
 
         if not pcr:
+            # OP capabilities here
             pcr = self.service_context.get('provider_info')
 
         regreq = oidc.RegistrationRequest
@@ -137,7 +138,10 @@ def match_preferences(self, pcr=None, issuer=None):
                 except KeyError:
                     # Allow non standard claims
                     if isinstance(vals, list):
-                        _behaviour[_pref] = [v for v in vals if v in _pvals]
+                        # "if v in _pvals" would be adopted
+                        # a RP relying on oidcService will discard those
+                        # who not are available in op's provider discovery endpoint
+                        _behaviour[_pref] = [v for v in vals] # if v in _pvals]
                     elif vals in _pvals:
                         _behaviour[_pref] = vals
                 else:

src/oidcservice/oidc/read_registration.py

@@ -6,7 +6,6 @@
 
 from oidcservice.service import Service
 
-
 LOGGER = logging.getLogger(__name__)
 
 

src/oidcservice/oidc/userinfo.py

@@ -7,7 +7,6 @@
 from oidcservice.oauth2.utils import get_state_parameter
 from oidcservice.service import Service
 
-
 logger = logging.getLogger(__name__)
 
 UI2REG = {

src/oidcservice/oidc/webfinger.py

@@ -1,15 +1,12 @@
 import logging
-from urllib.parse import urlsplit
-from urllib.parse import urlunsplit
+from urllib.parse import urlsplit, urlunsplit
 
 from oidcmsg import oidc
 from oidcmsg.exception import MissingRequiredAttribute
-from oidcmsg.oauth2 import Message
-from oidcmsg.oauth2 import ResponseMessage
+from oidcmsg.oauth2 import Message, ResponseMessage
 from oidcmsg.oidc import JRD
 
-from oidcservice.oidc import OIC_ISSUER
-from oidcservice.oidc import WF_URL
+from oidcservice.oidc import OIC_ISSUER, WF_URL
 from oidcservice.service import Service
 
 __author__ = 'Roland Hedberg'

src/oidcservice/service.py

@@ -4,18 +4,14 @@
 
 from cryptojwt.jwt import JWT
 from oidcmsg.message import Message
-from oidcmsg.oauth2 import ResponseMessage
-from oidcmsg.oauth2 import is_error_message
+from oidcmsg.oauth2 import ResponseMessage, is_error_message
 
 from oidcservice import util
 from oidcservice.client_auth import factory as ca_factory
 from oidcservice.exception import ResponseError
 from oidcservice.state_interface import StateInterface
-from oidcservice.util import JOSE_ENCODED
-from oidcservice.util import JSON_ENCODED
-from oidcservice.util import URL_ENCODED
-from oidcservice.util import get_http_body
-from oidcservice.util import get_http_url
+from oidcservice.util import (JOSE_ENCODED, JSON_ENCODED, URL_ENCODED,
+                              get_http_body, get_http_url)
 
 __author__ = 'Roland Hedberg'
 

src/oidcservice/service_context.py

@@ -6,17 +6,15 @@
 import hashlib
 import os
 
-from cryptojwt.jwk.rsa import RSAKey
-from cryptojwt.jwk.rsa import import_private_rsa_key_from_file
+from cryptojwt.jwk.rsa import RSAKey, import_private_rsa_key_from_file
 from cryptojwt.key_bundle import KeyBundle
 from cryptojwt.key_jar import build_keyjar
 from cryptojwt.utils import as_bytes
+from oidcmsg.context import OidcContext
 # This represents a map between the local storage of algorithm choices
 # and how they are represented in a provider info response.
 from oidcmsg.message import Message
 from oidcmsg.oidc import RegistrationRequest
-from oidcmsg.context import OidcContext
-
 
 CLI_REG_MAP = {
     "userinfo": {

src/oidcservice/state_interface.py

@@ -1,9 +1,8 @@
 """A database interface for storing state information."""
 import json
 
-from oidcmsg.message import Message
-from oidcmsg.message import SINGLE_OPTIONAL_JSON
-from oidcmsg.message import SINGLE_REQUIRED_STRING
+from oidcmsg.message import (SINGLE_OPTIONAL_JSON, SINGLE_REQUIRED_STRING,
+                             Message)
 from oidcmsg.oidc import verified_claim_name
 
 from oidcservice import rndstr

src/oidcservice/util.py

@@ -1,9 +1,7 @@
 """Utilities"""
 import importlib
 import logging
-from urllib.parse import parse_qs
-from urllib.parse import urlsplit
-from urllib.parse import urlunsplit
+from urllib.parse import parse_qs, urlsplit, urlunsplit
 
 import yaml
 from oidcmsg.exception import UnSupported

tests/test_03_util.py

@@ -1,13 +1,10 @@
 import json
-from urllib.parse import parse_qs
-from urllib.parse import urlsplit
+from urllib.parse import parse_qs, urlsplit
 
-from oidcmsg.oauth2 import AccessTokenRequest
-from oidcmsg.oauth2 import AuthorizationRequest
+from oidcmsg.oauth2 import AccessTokenRequest, AuthorizationRequest
 
 from oidcservice import util
-from oidcservice.util import JSON_ENCODED
-from oidcservice.util import URL_ENCODED
+from oidcservice.util import JSON_ENCODED, URL_ENCODED
 
 __author__ = 'Roland Hedberg'
 

tests/test_07_service.py

@@ -1,14 +1,10 @@
 import pytest
+from oidcmsg.oauth2 import (SINGLE_OPTIONAL_INT, SINGLE_OPTIONAL_STRING,
+                            SINGLE_REQUIRED_STRING, Message)
 
-from oidcservice.service_context import ServiceContext
 from oidcservice.service import Service
-from oidcservice.state_interface import InMemoryStateDataBase
-from oidcservice.state_interface import State
-
-from oidcmsg.oauth2 import Message
-from oidcmsg.oauth2 import SINGLE_OPTIONAL_INT
-from oidcmsg.oauth2 import SINGLE_OPTIONAL_STRING
-from oidcmsg.oauth2 import SINGLE_REQUIRED_STRING
+from oidcservice.service_context import ServiceContext
+from oidcservice.state_interface import InMemoryStateDataBase, State
 
 
 class DummyMessage(Message):

tests/test_08_webfinger.py

@@ -1,12 +1,9 @@
 import json
-from urllib.parse import parse_qs
-from urllib.parse import unquote_plus
-from urllib.parse import urlsplit
+from urllib.parse import parse_qs, unquote_plus, urlsplit
 
 import pytest
 from oidcmsg.exception import MissingRequiredAttribute
-from oidcmsg.oidc import JRD
-from oidcmsg.oidc import Link
+from oidcmsg.oidc import JRD, Link
 
 from oidcservice.oidc import OIC_ISSUER
 from oidcservice.oidc.webfinger import WebFinger