prioritise authorization server metadata over issuer metadata for PAR requirements (Funke issuer adds it in authorization server metadata)
do not include openid scope if not included. I can't find in the specs where this is a requirement, and the funke PID issuer will not grant this scope. I think it makes more sense to let the user pass the scope openid if it wants this scope.
This PR makes two changes:
openid
scope if not included. I can't find in the specs where this is a requirement, and the funke PID issuer will not grant this scope. I think it makes more sense to let the user pass the scopeopenid
if it wants this scope.