mirror of https://github.com/matrix-org/matrix-authentication-service.git synced 2025-11-23 11:02:35 +03:00

Axum migration: /oauth2/keys.json and /.well-known/openid-configuration

Quentin Gliech
2022-03-30 15:28:02 +02:00
parent 9cb5650167
commit 64900ef1d9
8 changed files with 167 additions and 250 deletions


@@ -12,8 +12,6 @@
// See the License for the specific language governing permissions and
// limitations under the License.
use std::collections::HashSet;
use mas_iana::{
jose::{JsonWebEncryptionAlg, JsonWebEncryptionEnc, JsonWebSignatureAlg},
oauth::{
@@ -72,28 +70,28 @@ pub struct Metadata {
/// JSON array containing a list of the OAuth 2.0 "scope" values that this
/// authorization server supports.
pub scopes_supported: Option<HashSet<String>>,
pub scopes_supported: Option<Vec<String>>,
/// JSON array containing a list of the OAuth 2.0 "response_type" values
/// that this authorization server supports.
pub response_types_supported: Option<HashSet<OAuthAuthorizationEndpointResponseType>>,
pub response_types_supported: Option<Vec<OAuthAuthorizationEndpointResponseType>>,
/// JSON array containing a list of the OAuth 2.0 "response_mode" values
/// that this authorization server supports.
pub response_modes_supported: Option<HashSet<ResponseMode>>,
pub response_modes_supported: Option<Vec<ResponseMode>>,
/// JSON array containing a list of the OAuth 2.0 grant type values that
/// this authorization server supports.
pub grant_types_supported: Option<HashSet<GrantType>>,
pub grant_types_supported: Option<Vec<GrantType>>,
/// JSON array containing a list of client authentication methods supported
/// by this token endpoint.
pub token_endpoint_auth_methods_supported: Option<HashSet<OAuthClientAuthenticationMethod>>,
pub token_endpoint_auth_methods_supported: Option<Vec<OAuthClientAuthenticationMethod>>,
/// JSON array containing a list of the JWS signing algorithms supported by
/// the token endpoint for the signature on the JWT used to authenticate the
/// client at the token endpoint.
pub token_endpoint_auth_signing_alg_values_supported: Option<HashSet<JsonWebSignatureAlg>>,
pub token_endpoint_auth_signing_alg_values_supported: Option<Vec<JsonWebSignatureAlg>>,
/// URL of a page containing human-readable information that developers
/// might want or need to know when using the authorization server.
@@ -103,7 +101,7 @@ pub struct Metadata {
/// Languages and scripts supported for the user interface, represented as a
/// JSON array of language tag values from BCP 47. If omitted, the set of
/// supported languages and scripts is unspecified.
pub ui_locales_supported: Option<HashSet<String>>,
pub ui_locales_supported: Option<Vec<String>>,
/// URL that the authorization server provides to the person registering the
/// client to read about the authorization server's requirements on how the
@@ -119,94 +117,91 @@ pub struct Metadata {
/// JSON array containing a list of client authentication methods supported
/// by this revocation endpoint.
pub revocation_endpoint_auth_methods_supported:
Option<HashSet<OAuthClientAuthenticationMethod>>,
pub revocation_endpoint_auth_methods_supported: Option<Vec<OAuthClientAuthenticationMethod>>,
/// JSON array containing a list of the JWS signing algorithms supported by
/// the revocation endpoint for the signature on the JWT used to
/// authenticate the client at the revocation endpoint.
pub revocation_endpoint_auth_signing_alg_values_supported: Option<HashSet<JsonWebSignatureAlg>>,
pub revocation_endpoint_auth_signing_alg_values_supported: Option<Vec<JsonWebSignatureAlg>>,
/// URL of the authorization server's OAuth 2.0 introspection endpoint.
pub introspection_endpoint: Option<Url>,
/// JSON array containing a list of client authentication methods supported
/// by this introspection endpoint.
pub introspection_endpoint_auth_methods_supported:
Option<HashSet<OAuthClientAuthenticationMethod>>,
pub introspection_endpoint_auth_methods_supported: Option<Vec<OAuthClientAuthenticationMethod>>,
/// JSON array containing a list of the JWS signing algorithms supported by
/// the introspection endpoint for the signature on the JWT used to
/// authenticate the client at the introspection endpoint.
pub introspection_endpoint_auth_signing_alg_values_supported:
Option<HashSet<JsonWebSignatureAlg>>,
pub introspection_endpoint_auth_signing_alg_values_supported: Option<Vec<JsonWebSignatureAlg>>,
/// PKCE code challenge methods supported by this authorization server.
pub code_challenge_methods_supported: Option<HashSet<PkceCodeChallengeMethod>>,
pub code_challenge_methods_supported: Option<Vec<PkceCodeChallengeMethod>>,
/// URL of the OP's UserInfo Endpoint.
pub userinfo_endpoint: Option<Url>,
/// JSON array containing a list of the Authentication Context Class
/// References that this OP supports.
pub acr_values_supported: Option<HashSet<String>>,
pub acr_values_supported: Option<Vec<String>>,
/// JSON array containing a list of the Subject Identifier types that this
/// OP supports.
pub subject_types_supported: Option<HashSet<SubjectType>>,
pub subject_types_supported: Option<Vec<SubjectType>>,
/// JSON array containing a list of the JWS "alg" values supported by the OP
/// for the ID Token.
pub id_token_signing_alg_values_supported: Option<HashSet<JsonWebSignatureAlg>>,
pub id_token_signing_alg_values_supported: Option<Vec<JsonWebSignatureAlg>>,
/// JSON array containing a list of the JWE "alg" values supported by the OP
/// for the ID Token.
pub id_token_encryption_alg_values_supported: Option<HashSet<JsonWebEncryptionAlg>>,
pub id_token_encryption_alg_values_supported: Option<Vec<JsonWebEncryptionAlg>>,
/// JSON array containing a list of the JWE "enc" values supported by the OP
/// for the ID Token.
pub id_token_encryption_enc_values_supported: Option<HashSet<JsonWebEncryptionEnc>>,
pub id_token_encryption_enc_values_supported: Option<Vec<JsonWebEncryptionEnc>>,
/// JSON array containing a list of the JWS "alg" values supported by the
/// UserInfo Endpoint.
pub userinfo_signing_alg_values_supported: Option<HashSet<JsonWebSignatureAlg>>,
pub userinfo_signing_alg_values_supported: Option<Vec<JsonWebSignatureAlg>>,
/// JSON array containing a list of the JWE "alg" values supported by the
/// UserInfo Endpoint.
pub userinfo_encryption_alg_values_supported: Option<HashSet<JsonWebEncryptionAlg>>,
pub userinfo_encryption_alg_values_supported: Option<Vec<JsonWebEncryptionAlg>>,
/// JSON array containing a list of the JWE "enc" values supported by the
/// UserInfo Endpoint.
pub userinfo_encryption_enc_values_supported: Option<HashSet<JsonWebEncryptionEnc>>,
pub userinfo_encryption_enc_values_supported: Option<Vec<JsonWebEncryptionEnc>>,
/// JSON array containing a list of the JWS "alg" values supported by the OP
/// for Request Objects.
pub request_object_signing_alg_values_supported: Option<HashSet<JsonWebSignatureAlg>>,
pub request_object_signing_alg_values_supported: Option<Vec<JsonWebSignatureAlg>>,
/// JSON array containing a list of the JWE "alg" values supported by the OP
/// for Request Objects.
pub request_object_encryption_alg_values_supported: Option<HashSet<JsonWebEncryptionAlg>>,
pub request_object_encryption_alg_values_supported: Option<Vec<JsonWebEncryptionAlg>>,
/// JSON array containing a list of the JWE "enc" values supported by the OP
/// for Request Objects.
pub request_object_encryption_enc_values_supported: Option<HashSet<JsonWebEncryptionEnc>>,
pub request_object_encryption_enc_values_supported: Option<Vec<JsonWebEncryptionEnc>>,
/// JSON array containing a list of the "display" parameter values that the
/// OpenID Provider supports.
pub display_values_supported: Option<HashSet<Display>>,
pub display_values_supported: Option<Vec<Display>>,
/// JSON array containing a list of the Claim Types that the OpenID Provider
/// supports.
pub claim_types_supported: Option<HashSet<ClaimType>>,
pub claim_types_supported: Option<Vec<ClaimType>>,
/// JSON array containing a list of the Claim Names of the Claims that the
/// OpenID Provider MAY be able to supply values for.
pub claims_supported: Option<HashSet<String>>,
pub claims_supported: Option<Vec<String>>,
// TODO: type
/// Languages and scripts supported for values in Claims being returned,
/// represented as a JSON array of BCP 47 language tag values.
pub claims_locales_supported: Option<HashSet<String>>,
pub claims_locales_supported: Option<Vec<String>>,
/// Boolean value specifying whether the OP supports use of the "claims"
/// parameter.
@@ -236,5 +231,5 @@ pub struct Metadata {
pub require_pushed_authorization_requests: Option<bool>,
/// Array containing the list of prompt values that this OP supports.
pub prompt_values_supported: Option<HashSet<Prompt>>,
pub prompt_values_supported: Option<Vec<Prompt>>,
}
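Review bot: Replacing `HashSet` with `Vec` on the `Metadata` fields (from `scopes_supported` in the hunk at `@@ -72,28 +70,28 @@` through `prompt_values_supported` in the last hunk) removes the uniqueness guarantee the type used to enforce, and nothing in the visible lines documents what holds instead. These lists include `token_endpoint_auth_methods_supported` and the `*_signing_alg_values_supported` fields, which are presumably what callers check a client's requested authentication method or algorithm against, so the possibility of duplicates and the now order-sensitive `==` are worth stating explicitly. I would add a line to the struct or field docs such as `/// Serialized in the order given; entries are expected to be unique and are not deduplicated.`, and if this type is ever deserialized from a remote provider's discovery document, deduplicate or validate at that boundary. The `Metadata` struct begins outside these hunks, so any existing validation is not visible here.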