Ignore unsupported scopes instead of failing

Ioannis Kakavas · Ioannis Kakavas · commit 5dcf76d04726 · 2017-06-02T19:59:59.000+03:00
According to https://openid.net/specs/openid-connect-core-1_0.html 3.1.2.1 : " Scope values used that are not understood by an implementation SHOULD be ignored" Unsupported scopes are handled gracefully already in https://github.com/OpenIDC/pyoidc/blob/master/src/oic/oic/__init__.py#L1773
diff --git a/src/pyop/request_validator.py b/src/pyop/request_validator.py
@@ -96,9 +96,8 @@ def requested_scope_is_supported(provider, authentication_request):
     supported_scopes = set(provider.provider_configuration['scopes_supported'])
     requested_unsupported_scopes = requested_scopes - supported_scopes
     if requested_unsupported_scopes:
-        raise InvalidAuthenticationRequest('Request contains unsupported/unknown scopes: {}'
-                                           .format(', '.join(requested_unsupported_scopes)),
-                                           authentication_request, oauth_error='invalid_scope')
+        logger.warning('Request contains unsupported/unknown scopes: {}'
+                                           .format(', '.join(requested_unsupported_scopes)))
 
 
 def registration_request_verify(registration_request):
