From ff722f7f7d93d23fdad6f1706d2b64e9240c0259 Mon Sep 17 00:00:00 2001
From: mo khan <mo@mokhan.ca>
Date: Tue, 11 Mar 2025 16:54:26 -0600
Subject: test: GET ./well-known/openid-configuration

---
 test/e2e_test.go | 41 +++++++++++++++++++++++++++++++++++++++++
 1 file changed, 41 insertions(+)

(limited to 'test')

diff --git a/test/e2e_test.go b/test/e2e_test.go
index 32737c7..c4b03bd 100644
--- a/test/e2e_test.go
+++ b/test/e2e_test.go
@@ -120,6 +120,47 @@ func TestAuthx(t *testing.T) {
 			// assert.NotEmpty(t, metadata["code_challenge_methods_supported"])
 		})
 
+		t.Run("GET /.well-known/openid-configuration", func(t *testing.T) {
+			response := x.Must(client.Get("http://idp.example.com:8080/.well-known/openid-configuration"))
+			assert.Equal(t, http.StatusOK, response.StatusCode)
+			metadata := x.Must(serde.FromJSON[map[string]interface{}](response.Body))
+			assert.Equal(t, "http://idp.example.com:8080/.well-known/oauth-authorization-server", metadata["issuer"])
+			assert.Equal(t, "http://idp.example.com:8080/oauth/authorize", metadata["authorization_endpoint"])
+			assert.Equal(t, "http://idp.example.com:8080/oauth/token", metadata["token_endpoint"])
+			assert.NotEmpty(t, metadata["userinfo_endpoint"])
+			// assert.NotEmpty(t, metadata["jwks_uri"])
+			// assert.NotEmpty(t, metadata["registration_endpoint"])
+			assert.NotEmpty(t, metadata["scopes_supported"])
+			assert.NotEmpty(t, metadata["response_types_supported"])
+			assert.NotEmpty(t, metadata["response_modes_supported"])
+			assert.NotEmpty(t, metadata["grant_types_supported"])
+			// assert.NotEmpty(t, metadata["acr_values_supported"])
+			assert.NotEmpty(t, metadata["subject_types_supported"])
+			assert.NotEmpty(t, metadata["id_token_signing_alg_values_supported"])
+			// assert.NotEmpty(t, metadata["id_token_encryption_alg_values_supported"])
+			// assert.NotEmpty(t, metadata["id_token_encryption_enc_values_supported"])
+			assert.NotEmpty(t, metadata["userinfo_signing_alg_values_supported"])
+			// assert.NotEmpty(t, metadata["userinfo_encryption_alg_values_supported"])
+			// assert.NotEmpty(t, metadata["userinfo_encryption_enc_values_supported"])
+			assert.NotEmpty(t, metadata["request_object_signing_alg_values_supported"])
+			// assert.NotEmpty(t, metadata["request_object_encryption_alg_values_supported"])
+			// assert.NotEmpty(t, metadata["request_object_encryption_enc_values_supported"])
+			assert.NotEmpty(t, metadata["token_endpoint_auth_methods_supported"])
+			// assert.NotEmpty(t, metadata["token_endpoint_auth_signing_alg_values_supported"])
+			// assert.NotEmpty(t, metadata["display_values_supported"])
+			assert.NotEmpty(t, metadata["claim_types_supported"])
+			assert.NotEmpty(t, metadata["claims_supported"])
+			// assert.NotEmpty(t, metadata["service_documentation"])
+			// assert.NotEmpty(t, metadata["claims_locales_supported"])
+			assert.NotEmpty(t, metadata["ui_locales_supported"])
+			// assert.True(t, metadata["claims_parameter_supported"])
+			// assert.True(t, metadata["request_parameter_supported"])
+			// assert.True(t, metadata["request_uri_parameter_supported"])
+			// assert.True(t, metadata["require_request_uri_registration"])
+			// assert.NotEmpty(t, metadata["op_policy_uri"])
+			// assert.NotEmpty(t, metadata["op_tos_uri"])
+		})
+
 		t.Run("authorization code grant", func(t *testing.T) {
 			conf := &oauth2.Config{
 				ClientID:     "client_id",
-- 
cgit v1.2.3