RPHandler uses StandAloneClient.

Author: rohe

src/idpyoidc/client/defaults.py

@@ -31,10 +31,7 @@
     "response_types": [
         "code",
         "id_token",
-        "id_token token",
         "code id_token",
-        "code id_token token",
-        "code token",
     ],
     "token_endpoint_auth_method": "client_secret_basic",
     "scopes_supported": ["openid"],
@@ -48,6 +45,7 @@
 # Using PKCE is default
 DEFAULT_CLIENT_CONFIGS = {
     "": {
+        "client_type": "oidc",
         "preference": DEFAULT_CLIENT_PREFERENCES,
         "add_ons": {
             "pkce": {

src/idpyoidc/client/oauth2/__init__.py

@@ -68,10 +68,12 @@ def __init__(
         :return: Client instance
         """
 
-        if not client_type:
-            client_type = self.client_type
-        else:
+        if client_type:
             self.client_type = client_type
+        elif config and 'client_type' in config:
+            client_type = self.client_type = config["client_type"]
+        else:
+            client_type = self.client_type
 
         if verify_ssl is False:
             # just ignore verify_ssl until it goes away

src/idpyoidc/client/oauth2/stand_alone_client.py

@@ -16,6 +16,7 @@
 from idpyoidc.exception import MessageException
 from idpyoidc.exception import MissingRequiredAttribute
 from idpyoidc.exception import NotForMe
+from idpyoidc.message import Message
 from idpyoidc.message.oauth2 import is_error_message
 from idpyoidc.message.oauth2 import ResponseMessage
 from idpyoidc.message.oidc import AuthorizationRequest
@@ -32,7 +33,7 @@
 
 class StandAloneClient(Client):
 
-    def get_session_information(self, key, client=None):
+    def get_session_information(self,key):
         """
         This is the second of the methods users of this class should know about.
         It will return the complete session information as an
@@ -42,7 +43,7 @@ def get_session_information(self, key, client=None):
         :return: A State instance
         """
 
-        return client.get_context().cstate.get(key)
+        return self.get_context().cstate.get(key)
 
     def do_provider_info(
             self,
@@ -59,7 +60,7 @@ def do_provider_info(
 
         _context = self.get_context()
         _pi = _context.get("provider_info")
-        if _pi is None:
+        if _pi is None or _pi == {}:
             dynamic_provider_info_discovery(self, behaviour_args=behaviour_args)
             _pi = _context.provider_info
         elif len(_pi) == 1 and 'issuer' in _pi:
@@ -96,7 +97,11 @@ def do_provider_info(
                         raise ValueError("Unknown provider JWKS type: {}".format(typ))
 
         _context.map_supported_to_preferred(info=_pi)
-        return _context.provider_info['issuer']
+
+        try:
+            return _context.provider_info['issuer']
+        except:
+            return _context.issuer
 
     def do_client_registration(
             self,
@@ -338,7 +343,7 @@ def get_user_info(self, state, access_token="", **kwargs):
         return resp
 
     @staticmethod
-    def userinfo_in_id_token(id_token, user_info_claims: Optional[List] = None):
+    def userinfo_in_id_token(id_token: Message, user_info_claims: Optional[List] = None) -> dict:
         """
         Given a verified ID token return all the claims that may be user information.
 
@@ -359,7 +364,6 @@ def finalize_auth(
         Given the response returned to the redirect_uri, parse and verify it.
 
         :param behaviour_args: For finetuning behaviour
-        :param issuer: An Issuer ID
         :param response: The authorization response as a dictionary
         :return: An :py:class:`idpyoidc.message.oidc.AuthorizationResponse` or
             :py:class:`idpyoidc.message.oauth2.AuthorizationResponse` instance.
@@ -391,7 +395,11 @@ def finalize_auth(
         except KeyError:
             raise KeyError("Unknown state value")
 
-        issuer = _context.provider_info['issuer']
+        try:
+            issuer = _context.provider_info['issuer']
+        except KeyError:
+            issuer = _context.issuer
+
         if _iss != issuer:
             logger.error("Issuer problem: {} != {}".format(_iss, issuer))
             # got it from the wrong bloke
@@ -550,7 +558,7 @@ def finalize(self, response, behaviour_args: Optional[dict] = None):
             "token": token["access_token"],
             "id_token": _id_token,
             "session_state": authorization_response.get("session_state", ""),
-            "issuer": _context.provider_info['issuer']
+            "issuer": _context.issuer
         }
 
     def has_active_authentication(self, state):