From c3527d0ecea1dbc005f11d1912b0451b2660c889 Mon Sep 17 00:00:00 2001
From: mo khan
Date: Mon, 9 Jun 2025 14:55:03 -0600
Subject: refactor: remove non-essential metadata
---
 spec/integration/server_spec.rb | 43 ++++++++++++++++++++++++++++++++++++-----
 1 file changed, 38 insertions(+), 5 deletions(-)
(limited to 'spec')
diff --git a/spec/integration/server_spec.rb b/spec/integration/server_spec.rb
index 93d2bfd..6a041fb 100644
--- a/spec/integration/server_spec.rb
+++ b/spec/integration/server_spec.rb
@@ -3,7 +3,8 @@ require 'spec_helper'
 RSpec.describe "Server" do
- let(:base_url) { "http://#{RSpec.configuration.bind_addr}" }
+ let(:host) { RSpec.configuration.bind_addr }
+ let(:base_url) { "http://#{host}" }
 let(:client) { RSpec.configuration.http }
 describe "GET /" do
@@ -22,10 +23,42 @@ RSpec.describe "Server" do
 # https://datatracker.ietf.org/doc/html/rfc8414#section-3.1
 describe "GET /.well-known/oauth-authorization-server" do
- it 'returns OK' do
- response = client.get(base_url + "/.well-known/oauth-authorization-server")
- expect(response.code).to eq("200")
- expect(response["Content-Type"]).to eq("application/json")
+ let(:response) { client.get(base_url + "/.well-known/oauth-authorization-server") }
+ let(:json) { JSON.parse(response.body, symbolize_names: true) }
+
+ it { expect(response.code).to eq("200") }
+ it { expect(response["Content-Type"]).to eq("application/json") }
+
+ it 'returns required fields' do
+ expect(json[:issuer]).to eq("#{base_url}")
+ expect(json[:authorization_endpoint]).to eq("#{base_url}/authorize")
+ expect(json[:token_endpoint]).to eq("#{base_url}/token")
+ expect(json[:response_types_supported]).to match_array(["code"])
+ end
+
+ it 'returns recommended fields' do
+ expect(json[:scopes_supported]).to match_array(["openid", "profile", "email"])
+ end
+
+ pending 'returns optional fields' do
+ expect(json[:response_modes_supported]).to eq("")
+ expect(json[:jwks_uri]).to eq("#{base_url}/jwks.json")
+ expect(json[:registration_endpoint]).to eq("#{base_url}/register")
+ expect(json[:token_endpoint_auth_methods_supported]).to match_array(["client_secret_basic"])
+ expect(json[:token_endpoint_auth_signing_alg_values_supported]).to match_array(["RS256"])
+ expect(json[:service_documentation]).to eq("#{base_url}/service_documentation.html")
+ expect(json[:ui_locales_supported]).to match_array(["en-US"])
+ expect(json[:op_policy_uri]).to eq("")
+ expect(json[:op_tos_uri]).to eq("")
+ expect(json[:revocation_endpoint]).to eq("")
+ expect(json[:revocation_endpoint_auth_methods_supported]).to eq("")
+ expect(json[:revocation_endpoint_auth_signing_alg_values_supported]).to eq("")
+ expect(json[:introspection_endpoint]).to eq("")
+ expect(json[:introspection_endpoint_auth_methods_supported]).to eq("")
+ expect(json[:introspection_endpoint_auth_signing_alg_values_supported]).to eq("")
+ expect(json[:code_challenge_methods_supported]).to eq("")
+ expect(json[:signed_metadata]).to eq("")
+ expect(json[:grant_types_supported]).to match_array(["authorization_code"])
 end
 end
--
cgit v1.2.3
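Review bot: The placeholder expectations in the `pending 'returns optional fields'` example compare most fields with `""` (for instance `expect(json[:revocation_endpoint]).to eq("")` and `expect(json[:code_challenge_methods_supported]).to eq("")`), which is not a shape RFC 8414 allows: the `*_supported` members are JSON arrays, and a member with no value must be omitted from the document rather than published empty. Because RSpec runs a `pending` body and reports the example as a failure once it starts passing, these lines will read as the target contract when the metadata is filled in. For endpoints the server does not offer I would assert absence, `expect(json).not_to have_key(:revocation_endpoint)`, and if the server supports PKCE (not visible in this hunk) pin it with `expect(json[:code_challenge_methods_supported]).to match_array(["S256"])`, since clients read an omitted value as no PKCE support. The required-fields example also pins an `http://` issuer, which is fine against the local test bind address but deserves a comment such as `# RFC 8414 requires an https issuer outside the test environment`.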