From 4adc0a42ba4ec6506f05b5d1af1236a91cb77a58 Mon Sep 17 00:00:00 2001
From: Kostis Triantafyllakis <kostastriantaf@gmail.com>
Date: Mon, 6 Mar 2023 21:11:21 +0200
Subject: [PATCH] Fix registration after fedservice refactor

Signed-off-by: Kostis Triantafyllakis <kostastriantaf@gmail.com>
---
 src/idpyoidc/server/oidc/registration.py          | 15 +++++++++++++--
 .../test_server_23_oidc_registration_endpoint.py  |  9 +++++++++
 2 files changed, 22 insertions(+), 2 deletions(-)
 mode change 100755 => 100644 src/idpyoidc/server/oidc/registration.py

diff --git a/src/idpyoidc/server/oidc/registration.py b/src/idpyoidc/server/oidc/registration.py
old mode 100755
new mode 100644
index 9b1cdef7..7b9d4a7f
--- a/src/idpyoidc/server/oidc/registration.py
+++ b/src/idpyoidc/server/oidc/registration.py
@@ -16,6 +16,7 @@
 from idpyoidc.message.oidc import RegistrationRequest
 from idpyoidc.message.oidc import RegistrationResponse
 from idpyoidc.server.endpoint import Endpoint
+from idpyoidc.server.exception import CapabilitiesMisMatch
 from idpyoidc.server.exception import InvalidRedirectURIError
 from idpyoidc.server.exception import InvalidSectorIdentifier
 from idpyoidc.time_util import utc_time_sans_frac
@@ -155,7 +156,11 @@ def match_claim(self, claim, val):
                     else:
                         return None
                 else:
-                    return list(set(_val).intersection(set(val)))
+                    _ret = list(set(_val).intersection(set(val)))
+                    if len(_ret) > 0:
+                        return _ret
+                    else:
+                        raise CapabilitiesMisMatch(_my_key)
             else:
                 if val == _val:
                     return val
@@ -407,7 +412,13 @@ def client_registration_setup(self, request, new_id=True, set_secret=True):
         request.rm_blanks()
         _context = self.upstream_get("context")
 
-        request = self.filter_client_request(request)
+        try:
+            request = self.filter_client_request(request)
+        except CapabilitiesMisMatch as err:
+            return ResponseMessage(
+                error="invalid_request",
+                error_description="Don't support proposed %s" % err,
+            )
 
         if new_id:
             if self.kwargs.get("client_id_generator"):
diff --git a/tests/test_server_23_oidc_registration_endpoint.py b/tests/test_server_23_oidc_registration_endpoint.py
index 04a74858..94fe0633 100755
--- a/tests/test_server_23_oidc_registration_endpoint.py
+++ b/tests/test_server_23_oidc_registration_endpoint.py
@@ -338,6 +338,15 @@ def test_register_initiate_login_uri_wrong_scheme(self):
         assert "error" in _resp
         assert _resp["error"] == "invalid_configuration_request"
 
+    def test_register_unsupported_response_type(self):
+        self.endpoint.upstream_get("context").provider_info["response_types_supported"] = ["token", "id_token"]
+        _msg = MSG.copy()
+        _msg["response_types"] = ["id_token token"]
+        _req = self.endpoint.parse_request(RegistrationRequest(**_msg).to_json())
+        _resp = self.endpoint.process_request(request=_req)
+        assert _resp["error"] == "invalid_request"
+        assert "response_type" in _resp["error_description"]
+
 
 def test_match_sp_sep():
     assert match_sp_sep("foo bar", "bar foo")