-also allow non-standard scopes as claims

2 files changed, 7 insertions, 2 deletions

diff --git a/src/reclaim/oidc_helper.c b/src/reclaim/oidc_helper.c
index d0345108e..eab12db33 100644
--- a/src/reclaim/oidc_helper.c
+++ b/src/reclaim/oidc_helper.c
@@ -769,7 +769,7 @@ OIDC_access_token_parse (const char *token,
 
 /**
  * Checks if a claim is implicitly requested through standard
- * scope(s)
+ * scope(s) or explicitly through non-standard scope.
  *
  * @param scopes the scopes which have been requested
  * @param attr the attribute name to check
@@ -832,6 +832,11 @@ OIDC_check_scopes_for_claim_request (const char*scopes,
         }
       }
 
+    } else if (0 == strcmp (attr, scope_variable))
+    {
+      /** attribute matches requested scope **/
+      GNUNET_free (scope_variables);
+      return GNUNET_YES;
     }
     scope_variable = strtok (NULL, delimiter);
   }
diff --git a/src/reclaim/plugin_rest_openid_connect.c b/src/reclaim/plugin_rest_openid_connect.c
index 6db494433..2f44917c9 100644
--- a/src/reclaim/plugin_rest_openid_connect.c
+++ b/src/reclaim/plugin_rest_openid_connect.c
@@ -1155,7 +1155,7 @@ attr_in_claims_request (struct RequestHandle *handle,
   const char *key;
   json_t *value;
 
-  /** Check if attribute is requested through standard scope **/
+  /** Check if attribute is requested through a scope **/
   if (GNUNET_YES == OIDC_check_scopes_for_claim_request (handle->oidc->scope,
                                                          attr_name))
     return GNUNET_YES;