19426873690

Committed 17 Nov 2025 10:45AM UTC coverage: 68.269% (-0.05%) from 68.314%

Build # 19426873690

Build Type

Pull #2250

github

Committed by

web-flow

Commit Message

feat(oauthserver): add oauth scope support for oidc (#2253)

## Summary

This PR adds comprehensive OIDC scope support to the OAuth server
implementation, enabling proper scope-based access control and claim
filtering per the OpenID Connect Core specification.

## Changes:
- **Scope-based claim filtering**: Claims are only included in ID tokens
and UserInfo responses when the corresponding scope is granted
    - `openid` → `sub` (subject identifier)
    - `email` → `email`, `email_verified`
    - `profile` → `name`, `picture`, `preferred_username`, `updated_at`
    - `phone` → `phone_number`, `phone_number_verified`
- **Conditional ID token generation**: ID tokens are only generated when
the `openid` scope is requested

Pull Request Pull Request #2250: feat(oauthserver): add OpenID Connect support

Run Details

155 of 280 new or added lines in 11 files covered. (55.36%)

33 existing lines in 2 files now uncovered.

14163 of 20746 relevant lines covered (68.27%)

78.39 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

76.92

/internal/api/shared/context.go

supabase / auth / 19426873690

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source Not Available

Source File
Press 'n' to go to next uncovered line, 'b' for previous