From 3440709ec5567f73557bcffca6a14840b140d85d Mon Sep 17 00:00:00 2001
From: theworldbright <kent@kentshikama.com>
Date: Fri, 6 Nov 2015 17:19:42 -0800
Subject: [PATCH] Explicitly state no support for user info alg

---
 app/controllers/api/openid_connect/discovery_controller.rb | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/app/controllers/api/openid_connect/discovery_controller.rb b/app/controllers/api/openid_connect/discovery_controller.rb
index 368d361c0..a2fe1b766 100644
--- a/app/controllers/api/openid_connect/discovery_controller.rb
+++ b/app/controllers/api/openid_connect/discovery_controller.rb
@@ -29,7 +29,8 @@ module Api
           id_token_signing_alg_values_supported:       %i(RS256),
           token_endpoint_auth_methods_supported:       %w(client_secret_basic client_secret_post private_key_jwt),
           claims_parameter_supported:                  true,
-          claims_supported:                            %w(sub name nickname profile picture)
+          claims_supported:                            %w(sub name nickname profile picture),
+          userinfo_signing_alg_values_supported:       %w(none)
         )
       end
     end