From f17d8092194a022125570ede214168b8c98dac06 Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Sat, 26 Dec 2020 21:18:16 +0100 Subject: [PATCH] providers/oauth2: add scopes_supported to discovery endpoint --- authentik/providers/oauth2/views/provider.py | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/authentik/providers/oauth2/views/provider.py b/authentik/providers/oauth2/views/provider.py index 7a72d7fad..28c983374 100644 --- a/authentik/providers/oauth2/views/provider.py +++ b/authentik/providers/oauth2/views/provider.py @@ -7,7 +7,7 @@ from django.views import View from structlog import get_logger from authentik.core.models import Application -from authentik.providers.oauth2.constants import ACR_AUTHENTIK_DEFAULT +from authentik.providers.oauth2.constants import ACR_AUTHENTIK_DEFAULT, SCOPE_OPENID from authentik.providers.oauth2.models import OAuth2Provider LOGGER = get_logger() @@ -56,6 +56,10 @@ class ProviderInfoView(View): "client_secret_basic", ], "acr_values_supported": [ACR_AUTHENTIK_DEFAULT], + "scopes_supported": [ + # We only advertise the 'openid' scope, as the rest vary depending on application + SCOPE_OPENID, + ], } # pylint: disable=unused-argument