Use RFC 7033 webfinger from diaspora_federation gem

app/controllers/api/openid_connect/discovery_controller.rb

@@ -24,17 +24,6 @@
 module Api
   module OpenidConnect
     class DiscoveryController < ApplicationController
-      def webfinger
-        jrd = {
-          links: [{
-            rel:  OpenIDConnect::Discovery::Provider::Issuer::REL_VALUE,
-            href: root_url
-          }]
-        }
-        jrd[:subject] = params[:resource] if params[:resource].present?
-        render json: jrd, content_type: "application/jrd+json"
-      end
-
       def configuration
         render json: OpenIDConnect::Discovery::Provider::Config::Response.new(
           issuer:                                      root_url,

config/initializers/diaspora_federation.rb

@@ -13,14 +13,22 @@ DiasporaFederation.configure do |config|
       person = Person.where(diaspora_handle: diaspora_id, closed_account: false).where.not(owner: nil).first
       if person
         DiasporaFederation::Discovery::WebFinger.new(
-          acct_uri:      "acct:#{person.diaspora_handle}",
-          alias_url:     AppConfig.url_to("/people/#{person.guid}"),
-          hcard_url:     AppConfig.url_to(DiasporaFederation::Engine.routes.url_helpers.hcard_path(person.guid)),
-          seed_url:      AppConfig.pod_uri,
-          profile_url:   person.profile_url,
-          atom_url:      person.atom_url,
-          salmon_url:    person.receive_url,
-          subscribe_url: AppConfig.url_to("/people?q={uri}")
+          {
+            acct_uri:      "acct:#{person.diaspora_handle}",
+            hcard_url:     AppConfig.url_to(DiasporaFederation::Engine.routes.url_helpers.hcard_path(person.guid)),
+            seed_url:      AppConfig.pod_uri,
+            profile_url:   person.profile_url,
+            atom_url:      person.atom_url,
+            salmon_url:    person.receive_url,
+            subscribe_url: AppConfig.url_to("/people?q={uri}")
+          },
+          aliases: [AppConfig.url_to("/people/#{person.guid}")],
+          links:   [
+            {
+              rel:  OpenIDConnect::Discovery::Provider::Issuer::REL_VALUE,
+              href: Rails.application.routes.url_helpers.root_url
+            }
+          ]
         )
       end
     end

config/routes.rb

@@ -230,6 +230,5 @@ Diaspora::Application.routes.draw do
     end
   end
 
-  get ".well-known/webfinger", to: "api/openid_connect/discovery#webfinger"
   get ".well-known/openid-configuration", to: "api/openid_connect/discovery#configuration"
 end

spec/controllers/api/openid_connect/discovery_controller_spec.rb

@@ -1,20 +1,4 @@
 describe Api::OpenidConnect::DiscoveryController, type: :controller do
-  describe "#webfinger" do
-    before do
-      get :webfinger, resource: "http://example.com/bob"
-    end
-
-    it "should return a url to the openid-configuration" do
-      json_body = JSON.parse(response.body)
-      expect(json_body["links"].first["href"]).to eq(root_url)
-    end
-
-    it "should return the resource in the subject" do
-      json_body = JSON.parse(response.body)
-      expect(json_body["subject"]).to eq("http://example.com/bob")
-    end
-  end
-
   describe "#configuration" do
     before do
       get :configuration

spec/federation_callbacks_spec.rb

@@ -6,7 +6,6 @@ describe "diaspora federation callbacks" do
       person = alice.person
       wf = DiasporaFederation.callbacks.trigger(:fetch_person_for_webfinger, alice.diaspora_handle)
       expect(wf.acct_uri).to eq("acct:#{person.diaspora_handle}")
-      expect(wf.alias_url).to eq(AppConfig.url_to("/people/#{person.guid}"))
       expect(wf.hcard_url).to eq(AppConfig.url_to("/hcard/users/#{person.guid}"))
       expect(wf.seed_url).to eq(AppConfig.pod_uri)
       expect(wf.profile_url).to eq(person.profile_url)
@@ -15,6 +14,14 @@ describe "diaspora federation callbacks" do
       expect(wf.subscribe_url).to eq(AppConfig.url_to("/people?q={uri}"))
     end
 
+    it "contains the OpenID issuer" do
+      wf = DiasporaFederation.callbacks.trigger(:fetch_person_for_webfinger, alice.diaspora_handle)
+      links = wf.additional_data[:links]
+      openid_issuer = links.find {|l| l[:rel] == OpenIDConnect::Discovery::Provider::Issuer::REL_VALUE }
+      expect(openid_issuer).not_to be_nil
+      expect(openid_issuer[:href]).to eq(Rails.application.routes.url_helpers.root_url)
+    end
+
     it "returns nil if the person was not found" do
       wf = DiasporaFederation.callbacks.trigger(:fetch_person_for_webfinger, "unknown@example.com")
       expect(wf).to be_nil

spec/models/api/openid_connect/id_token_spec.rb

@@ -7,19 +7,13 @@ describe Api::OpenidConnect::IdToken, type: :model do
       let(:decoded_hash) {
         JSON::JWT.decode(id_token.to_jwt, Api::OpenidConnect::IdTokenConfig::PRIVATE_KEY)
       }
-      let(:discovery_controller) {
-        Api::OpenidConnect::DiscoveryController.new.tap {|controller|
-          controller.request = ActionController::TestRequest.new
-          controller.request.host = AppConfig.pod_uri.authority
-          controller.response = ActionController::TestResponse.new
-        }
-      }
-      let(:openid_webfinger) {
-        JSON.parse(discovery_controller.webfinger[0])
+      let(:webfinger) {
+        DiasporaFederation.callbacks.trigger(:fetch_person_for_webfinger, alice.diaspora_handle).to_json
       }
 
       it "issuer value must much the one we provided in OpenID discovery routine" do
-        expect(decoded_hash["iss"]).to eq(openid_webfinger["links"][0]["href"])
+        openid_issuer = webfinger[:links].find {|l| l[:rel] == OpenIDConnect::Discovery::Provider::Issuer::REL_VALUE }
+        expect(decoded_hash["iss"]).to eq(openid_issuer[:href])
       end
     end
   end