From 1497e70225adf7825a6ee572eacd120421cd27d5 Mon Sep 17 00:00:00 2001
From: kali
Date: Fri, 3 Sep 2021 05:48:37 -0400
Subject: [PATCH 1/3] Add parametrization of grant type supported in discovery endpoint
Signed-off-by: ariary
---
 server/handlers.go | 4 +++-
 server/server.go | 14 +++++++++++---
 2 files changed, 14 insertions(+), 4 deletions(-)
 mode change 100644 => 100755 server/handlers.go
 mode change 100644 => 100755 server/server.go
diff --git a/server/handlers.go b/server/handlers.go
old mode 100644
new mode 100755
index 2a4f8c71..cbdf5f5b
--- a/server/handlers.go
+++ b/server/handlers.go
@@ -94,7 +94,6 @@ func (s *Server) discoveryHandler() (http.HandlerFunc, error) {
  UserInfo: s.absURL("/userinfo"),
  DeviceEndpoint: s.absURL("/device/code"),
  Subjects: []string{"public"},
- GrantTypes: []string{grantTypeAuthorizationCode, grantTypeRefreshToken, grantTypeDeviceCode},
  IDTokenAlgs: []string{string(jose.RS256)},
  CodeChallengeAlgs: []string{codeChallengeMethodS256, codeChallengeMethodPlain},
  Scopes: []string{"openid", "email", "groups", "profile", "offline_access"},
@@ -110,6 +109,9 @@ func (s *Server) discoveryHandler() (http.HandlerFunc, error) {
  }
  sort.Strings(d.ResponseTypes)
+ d.GrantTypes = s.supportedGrantTypes
+ sort.Strings(d.GrantTypes)
+
  data, err := json.MarshalIndent(d, "", " ")
  if err != nil {
  return nil, fmt.Errorf("failed to marshal discovery data: %v", err)
diff --git a/server/server.go b/server/server.go
old mode 100644
new mode 100755
index 957b62dc..094eb518
--- a/server/server.go
+++ b/server/server.go
@@ -169,6 +169,8 @@ type Server struct {
  supportedResponseTypes map[string]bool
+ supportedGrantTypes []string
+
  now func() time.Time
  idTokensValidFor time.Duration
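Review bot: `sort.Strings(d.GrantTypes)` in the second handlers.go hunk sorts the Server's own slice in place, because `d.GrantTypes = s.supportedGrantTypes` copies only the slice header and both names share one backing array. Patch 3/3 moves the sort into newServer, but the discovery struct still aliases the server field after that. Assigning a copy, `d.GrantTypes = append([]string(nil), s.supportedGrantTypes...)`, keeps later edits to the discovery document from changing server state. discoveryHandler's body continues outside the hunk.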
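Review bot: The new `supportedGrantTypes` field in the Server struct hunk has no comment saying what it controls. In the hunks shown it is only read by discoveryHandler to fill `GrantTypes`, so a comment such as `// supportedGrantTypes is the list advertised as grant types in the discovery document.` would tell readers it is metadata. Whether the token endpoint also consults it is not visible here. The Server struct continues outside the hunk.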
@@ -209,14 +211,19 @@ func newServer(ctx context.Context, c Config, rotationStrategy rotationStrategy)
  c.SupportedResponseTypes = []string{responseTypeCode}
  }
- supported := make(map[string]bool)
+ supportedRes := make(map[string]bool)
  for _, respType := range c.SupportedResponseTypes {
  switch respType {
  case responseTypeCode, responseTypeIDToken, responseTypeToken:
  default:
  return nil, fmt.Errorf("unsupported response_type %q", respType)
  }
- supported[respType] = true
+ supportedRes[respType] = true
+ }
+
+ supportedGrant := []string{grantTypeAuthorizationCode, grantTypeRefreshToken, grantTypeDeviceCode} //default
+ if c.PasswordConnector != "" {
+ supportedGrant = append(supportedGrant, grantTypePassword)
  }
  webFS := web.FS()
@@ -249,7 +256,8 @@ func newServer(ctx context.Context, c Config, rotationStrategy rotationStrategy)
  issuerURL: *issuerURL,
  connectors: make(map[string]Connector),
  storage: newKeyCacher(c.Storage, now),
- supportedResponseTypes: supported,
+ supportedResponseTypes: supportedRes,
+ supportedGrantTypes: supportedGrant,
  idTokensValidFor: value(c.IDTokensValidFor, 24*time.Hour),
  authRequestsValidFor: value(c.AuthRequestsValidFor, 24*time.Hour),
  deviceRequestsValidFor: value(c.DeviceRequestsValidFor, 5*time.Minute),
From c6f6dd69e91b52d2c57f3bdea53cff09b4c412e5 Mon Sep 17 00:00:00 2001
From: ariary
Date: Wed, 15 Sep 2021 03:58:27 -0400
Subject: [PATCH 2/3] lint comment
Signed-off-by: ariary
---
 server/server.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/server/server.go b/server/server.go
index 094eb518..619a358f 100755
--- a/server/server.go
+++ b/server/server.go
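Review bot: The advertised grant list is built in this first newServer hunk from `c.PasswordConnector` alone, separately from whatever check the token endpoint applies when it accepts a `grant_type` (that handler is not part of this patch), so the discovery document and the enforced set can drift apart. That matters most for `grantTypePassword`: clients and security reviews read the discovery document to learn whether the password grant is enabled, and a mismatch in either direction misleads them. I would replace the `//default` comment with one that states the rule, e.g. `// Always advertised; the password grant is added only when a password connector is configured.`, and, if the token handler has its own condition, have it reject grant types missing from `s.supportedGrantTypes`. newServer's body continues outside the hunk.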
@@ -221,7 +221,7 @@ func newServer(ctx context.Context, c Config, rotationStrategy rotationStrategy)
  supportedRes[respType] = true
  }
- supportedGrant := []string{grantTypeAuthorizationCode, grantTypeRefreshToken, grantTypeDeviceCode} //default
+ supportedGrant := []string{grantTypeAuthorizationCode, grantTypeRefreshToken, grantTypeDeviceCode} // default
  if c.PasswordConnector != "" {
  supportedGrant = append(supportedGrant, grantTypePassword)
  }
From 7bc966217d9db99eddd7a0b97208c0b6edb4716f Mon Sep 17 00:00:00 2001
From: ariary
Date: Wed, 6 Oct 2021 08:29:14 -0400
Subject: [PATCH 3/3] sort grant type supported
Signed-off-by: ariary
---
 server/handlers.go | 1 -
 server/server.go | 2 ++
 2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/server/handlers.go b/server/handlers.go
index cbdf5f5b..37a1f9ac 100755
--- a/server/handlers.go
+++ b/server/handlers.go
@@ -110,7 +110,6 @@ func (s *Server) discoveryHandler() (http.HandlerFunc, error) {
  sort.Strings(d.ResponseTypes)
  d.GrantTypes = s.supportedGrantTypes
- sort.Strings(d.GrantTypes)
  data, err := json.MarshalIndent(d, "", " ")
  if err != nil {
diff --git a/server/server.go b/server/server.go
index 619a358f..ecd6c935 100755
--- a/server/server.go
+++ b/server/server.go
@@ -11,6 +11,7 @@ import (
  "net/url"
  "os"
  "path"
+ "sort"
  "strconv"
  "strings"
  "sync"
@@ -225,6 +226,7 @@ func newServer(ctx context.Context, c Config, rotationStrategy rotationStrategy)
  if c.PasswordConnector != "" {
  supportedGrant = append(supportedGrant, grantTypePassword)
  }
+ sort.Strings(supportedGrant)
  webFS := web.FS()
  if c.Web.Dir != "" {