Support for more metadata

app/controllers/openid_connect/authorizations_controller.rb

@@ -53,7 +53,8 @@ class OpenidConnect::AuthorizationsController < ApplicationController
   end
 
   def process_authorization_consent(approvedString)
-    endpoint = OpenidConnect::AuthorizationPoint::EndpointConfirmationPoint.new(current_user, to_boolean(approvedString))
+    endpoint = OpenidConnect::AuthorizationPoint::EndpointConfirmationPoint.new(
+      current_user, to_boolean(approvedString))
     handle_confirmation_endpoint_response(endpoint)
   end
 
@@ -80,7 +81,9 @@ class OpenidConnect::AuthorizationsController < ApplicationController
     req = Rack::Request.new(request.env)
     req.update_param("client_id", session[:client_id])
     req.update_param("redirect_uri", session[:redirect_uri])
-    req.update_param("response_type", session[:response_type].respond_to?(:map) ? session[:response_type].map(&:to_s).join(" ") : session[:response_type])
+    req.update_param("response_type", session[:response_type].respond_to?(:map) ?
+                                      session[:response_type].map(&:to_s).join(" ") :
+                                      session[:response_type])
     req.update_param("scopes", session[:scopes])
     req.update_param("request_object", session[:request_object])
     req.update_param("nonce", session[:nonce])

app/controllers/openid_connect/clients_controller.rb

@@ -3,7 +3,7 @@ class OpenidConnect::ClientsController < ApplicationController
     http_error_page_as_json(e)
   end
 
-  rescue_from OpenIDConnect::ValidationFailed do |e|
+  rescue_from OpenIDConnect::ValidationFailed, ActiveRecord::RecordInvalid do |e|
     validation_fail_as_json(e)
   end
 

app/models/openid_connect/o_auth_application.rb

@@ -4,14 +4,26 @@ class OpenidConnect::OAuthApplication < ActiveRecord::Base
 
   validates :client_id, presence: true, uniqueness: true
   validates :client_secret, presence: true
+  validates :client_name, presence: true
 
   serialize :redirect_uris, JSON
+  serialize :response_types, JSON
+  serialize :grant_types, JSON
+  serialize :contacts, JSON
 
   before_validation :setup, on: :create
 
   def setup
     self.client_id = SecureRandom.hex(16)
     self.client_secret = SecureRandom.hex(32)
+    self.response_types = []
+    self.grant_types = []
+    self.application_type = "web"
+    self.contacts = []
+    self.logo_uri = ""
+    self.client_uri = ""
+    self.policy_uri = ""
+    self.tos_uri = ""
   end
 
   class << self
@@ -24,8 +36,23 @@ class OpenidConnect::OAuthApplication < ActiveRecord::Base
       build_client_application(registrar)
     end
 
+    private
+
     def build_client_application(registrar)
-      create! redirect_uris: registrar.redirect_uris
+      create! registrar_attributes(registrar)
+    end
+
+    def supported_metadata
+      %i(client_name response_types grant_types application_type
+         contacts logo_uri client_uri policy_uri tos_uri)
+    end
+
+    def registrar_attributes(registrar)
+      supported_metadata.each_with_object({}) do |key, attr|
+        if registrar.public_send(key)
+          attr[key] = registrar.public_send(key)
+        end
+      end
     end
   end
 end

app/views/openid_connect/authorizations/new.html.haml

@@ -1,4 +1,4 @@
-%h2= @o_auth_application.name
+%h2= @o_auth_application.client_name
 %p= t(".will_be_redirected")
 = @redirect_uri
 = t(".with_id_token")

db/migrate/20150613202109_create_o_auth_applications.rb

@@ -4,8 +4,16 @@ class CreateOAuthApplications < ActiveRecord::Migration
       t.belongs_to :user, index: true
       t.string :client_id
       t.string :client_secret
-      t.string :name
+      t.string :client_name
       t.string :redirect_uris
+      t.string :response_types
+      t.string :grant_types
+      t.string :application_type
+      t.string :contacts
+      t.string :logo_uri
+      t.string :client_uri
+      t.string :policy_uri
+      t.string :tos_uri
 
       t.timestamps null: false
     end

db/schema.rb

@@ -276,13 +276,21 @@ ActiveRecord::Schema.define(version: 20150724152052) do
   add_index "o_auth_access_tokens", ["authorization_id"], name: "index_o_auth_access_tokens_on_authorization_id", using: :btree
 
   create_table "o_auth_applications", force: :cascade do |t|
-    t.integer  "user_id",       limit: 4
+    t.integer  "user_id",          limit: 4
-    t.string   "client_id",     limit: 255
+    t.string   "client_id",        limit: 255
-    t.string   "client_secret", limit: 255
+    t.string   "client_secret",    limit: 255
-    t.string   "name",          limit: 255
+    t.string   "client_name",      limit: 255
-    t.string   "redirect_uris", limit: 255
+    t.string   "redirect_uris",    limit: 255
-    t.datetime "created_at",                null: false
+    t.string   "response_types",   limit: 255
-    t.datetime "updated_at",                null: false
+    t.string   "grant_types",      limit: 255
+    t.string   "application_type", limit: 255
+    t.string   "contacts",         limit: 255
+    t.string   "logo_uri",         limit: 255
+    t.string   "client_uri",       limit: 255
+    t.string   "policy_uri",       limit: 255
+    t.string   "tos_uri",          limit: 255
+    t.datetime "created_at",                   null: false
+    t.datetime "updated_at",                   null: false
   end
 
   add_index "o_auth_applications", ["user_id"], name: "index_o_auth_applications_on_user_id", using: :btree

features/step_definitions/password_flow_steps.rb

@@ -1,6 +1,6 @@
 When /^I register a new client$/ do
   client_registration_url = "/openid_connect/clients"
-  post client_registration_url, redirect_uris: ["http://localhost:3000"]
+  post client_registration_url, redirect_uris: ["http://localhost:3000"], client_name: "diaspora client"
 end
 
 Given /^I send a post request from that client to the password flow token endpoint using "([^\"]*)"'s credentials$/ do |username|

spec/controllers/openid_connect/authorizations_controller_spec.rb

@@ -2,11 +2,12 @@ require "spec_helper"
 
 describe OpenidConnect::AuthorizationsController, type: :controller do
   let!(:client) do
-    OpenidConnect::OAuthApplication.create!(name: "Diaspora Test Client", redirect_uris: ["http://localhost:3000/"])
+    OpenidConnect::OAuthApplication.create!(
+      client_name: "Diaspora Test Client", redirect_uris: ["http://localhost:3000/"])
   end
   let!(:client_with_multiple_redirects) do
     OpenidConnect::OAuthApplication.create!(
-      name: "Diaspora Test Client", redirect_uris: ["http://localhost:3000/", "http://localhost/"])
+      client_name: "Diaspora Test Client", redirect_uris: ["http://localhost:3000/", "http://localhost/"])
   end
 
   # TODO: jhass - "Might want to setup some factories in spec/factories.rb, see factory_girl's docs."

spec/controllers/openid_connect/clients_controller_spec.rb

@@ -4,14 +4,28 @@ describe OpenidConnect::ClientsController, type: :controller do
   describe "#create" do
     context "when valid parameters are passed" do
       it "should return a client id" do
-        post :create, redirect_uris: ["http://localhost"]
+        post :create, redirect_uris: ["http://localhost"], client_name: "diaspora client",
+             response_types: [], grant_types: [], application_type: "web", contacts: [],
+             logo_uri: "http://test.com/logo.png", client_uri: "http://test.com/client",
+             policy_uri: "http://test.com/policy", tos_uri: "http://test.com/tos"
         client_json = JSON.parse(response.body)
         expect(client_json["o_auth_application"]["client_id"].length).to eq(32)
       end
     end
     context "when redirect uri is missing" do
       it "should return a invalid_client_metadata error" do
-        post :create
+        post :create, response_types: [], grant_types: [], application_type: "web", contacts: [],
+          logo_uri: "http://test.com/logo.png", client_uri: "http://test.com/client",
+          policy_uri: "http://test.com/policy", tos_uri: "http://test.com/tos"
+        client_json = JSON.parse(response.body)
+        expect(client_json["error"]).to have_content("invalid_client_metadata")
+      end
+    end
+    context "when redirect client_name is missing" do
+      it "should return a invalid_client_metadata error" do
+        post :create, redirect_uris: ["http://localhost"], response_types: [], grant_types: [],
+             application_type: "web", contacts: [], logo_uri: "http://test.com/logo.png",
+             client_uri: "http://test.com/client", policy_uri: "http://test.com/policy", tos_uri: "http://test.com/tos"
         client_json = JSON.parse(response.body)
         expect(client_json["error"]).to have_content("invalid_client_metadata")
       end

spec/lib/openid_connect/protected_resource_endpoint_spec.rb

@@ -3,7 +3,8 @@ require "spec_helper"
 describe OpenidConnect::ProtectedResourceEndpoint, type: :request do
   describe "getting the user info" do
     let!(:client) do
-      OpenidConnect::OAuthApplication.create!(name: "Diaspora Test Client", redirect_uris: ["http://localhost:3000/"])
+      OpenidConnect::OAuthApplication.create!(
+        client_name: "Diaspora Test Client", redirect_uris: ["http://localhost:3000/"])
     end
     let!(:auth) { OpenidConnect::Authorization.find_or_create_by(o_auth_application: client, user: bob) }
     let!(:access_token) { auth.create_access_token.to_s }

spec/lib/openid_connect/token_endpoint_spec.rb

@@ -1,7 +1,10 @@
 require "spec_helper"
 
 describe OpenidConnect::TokenEndpoint, type: :request do
-  let!(:client) { OpenidConnect::OAuthApplication.create!(redirect_uris: ["http://localhost"]) }
+  let!(:client) do
+    OpenidConnect::OAuthApplication.create!(
+      redirect_uris: ["http://localhost"], client_name: "diaspora client")
+  end
   let!(:auth) { OpenidConnect::Authorization.find_or_create_by(o_auth_application: client, user: bob) }
 
   describe "the password grant type" do