From 3ac4ea72662ecb14eb1125c276a19958e828aff2 Mon Sep 17 00:00:00 2001
From: Giuseppe
Date: Mon, 7 Sep 2020 18:24:45 +0200
Subject: [PATCH] provider discovery would keep unavailable scopes instead of removing them from RP authz request
---
 src/oidcservice/oidc/provider_info_discovery.py | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/src/oidcservice/oidc/provider_info_discovery.py b/src/oidcservice/oidc/provider_info_discovery.py
index ace4da9..a735a19 100644
--- a/src/oidcservice/oidc/provider_info_discovery.py
+++ b/src/oidcservice/oidc/provider_info_discovery.py
@@ -103,6 +103,7 @@ def match_preferences(self, pcr=None, issuer=None):
 """
 if not pcr:
+ # OP capabilities here
 pcr = self.service_context.get('provider_info')
 regreq = oidc.RegistrationRequest
@@ -137,7 +138,10 @@ def match_preferences(self, pcr=None, issuer=None):
 except KeyError:
 # Allow non standard claims
 if isinstance(vals, list):
- _behaviour[_pref] = [v for v in vals if v in _pvals]
+ # "if v in _pvals" would be adopted
+ # a RP relying on oidcService will discard those
+ # who not are available in op's provider discovery endpoint
+ _behaviour[_pref] = [v for v in vals] # if v in _pvals]
 elif vals in _pvals:
 _behaviour[_pref] = vals
 else:
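Review bot: In the second hunk the list branch now copies every entry of `vals` into `_behaviour[_pref]` without checking it against `_pvals`, while the scalar branch directly below (`elif vals in _pvals:`) still filters, so the two paths disagree on whether the provider's advertised values bound what the RP sends. As far as the visible lines show, this affects every preference that reaches the `except KeyError` ("non standard claims") path, not only scopes as the subject line suggests, so the RP may end up requesting values the OP never advertised. If that is the intent, I would drop the commented-out tail and state the decision on the line itself, e.g. `_behaviour[_pref] = list(vals)  # deliberately not intersected with _pvals`, and reword the three added comment lines so they say plainly which side discards what. match_preferences starts and ends outside the hunk, so how `_pvals` is derived and where `_behaviour` is consumed cannot be checked from here.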