Since oauth_introspect_url is not available, let's workaround by checking if it can be responded to before actually calling it. Another possible solution is to replicate the same condition as doorkeeper repo, namely Doorkeeper.config.allow_token_introspection.is_a?(FalseClass), which I've not chosen because I thought it'd make it more complex to depend on the configuration of a different gem.
Getting rid of introspection_endpoint field can be justified because it is a non-standard (as described in #72, the original PR which introduced it) and not required nor defined by the specification of OIDC Discovery.
About the test case added, the entire routes must be reloaded because the configuration here is loaded once and routes drawn once, refusing to be overriden just like this:
before { Doorkeeper.configure { allow_token_introspection false } }
So I've chosen to mock it and reload routes before and after the example case, knowing this is perhaps a little clumsy type. What do you think?
This fixes #166.
Since
oauth_introspect_url
is not available, let's workaround by checking if it can be responded to before actually calling it. Another possible solution is to replicate the same condition as doorkeeper repo, namelyDoorkeeper.config.allow_token_introspection.is_a?(FalseClass)
, which I've not chosen because I thought it'd make it more complex to depend on the configuration of a different gem.Getting rid of
introspection_endpoint
field can be justified because it is a non-standard (as described in #72, the original PR which introduced it) and not required nor defined by the specification of OIDC Discovery.About the test case added, the entire routes must be reloaded because the configuration here is loaded once and routes drawn once, refusing to be overriden just like this:
So I've chosen to mock it and reload routes before and after the example case, knowing this is perhaps a little clumsy type. What do you think?