From 47109e60117db263dd9eea6cdaf7ce605d9378f9 Mon Sep 17 00:00:00 2001
From: Son NK
Date: Sun, 11 Aug 2019 00:32:00 +0200
Subject: [PATCH] add "sub", fix test
---
 app/models.py | 7 ++++++-
 tests/oauth/test_authorize.py | 14 ++++++++------
 2 files changed, 14 insertions(+), 7 deletions(-)
diff --git a/app/models.py b/app/models.py
index 783f4ba7..177009d7 100644
--- a/app/models.py
+++ b/app/models.py
@@ -435,7 +435,12 @@ class ClientUser(db.Model, ModelMixin):
 }
 """
- res = {"id": self.id, "client": self.client.name, "email_verified": True}
+ res = {
+ "id": self.id,
+ "client": self.client.name,
+ "email_verified": True,
+ "sub": str(self.id),
+ }
 for scope in self.client.get_scopes():
 if scope == Scope.NAME:
diff --git a/tests/oauth/test_authorize.py b/tests/oauth/test_authorize.py
index cee821cf..7672fda7 100644
--- a/tests/oauth/test_authorize.py
+++ b/tests/oauth/test_authorize.py
@@ -189,8 +189,8 @@ def test_authorize_code_flow_no_openid_scope(flask_client):
 assert r.status_code == 200
 assert r.json["access_token"]
 assert r.json["expires_in"] == 3600
- assert r.json["scope"] == ""
- assert r.json["token_type"] == "bearer"
+ assert not r.json["scope"]
+ assert r.json["token_type"] == "Bearer"
 assert r.json["user"] == {
 "avatar_url": None,
@@ -199,6 +199,7 @@ def test_authorize_code_flow_no_openid_scope(flask_client):
 "email_verified": True,
 "id": 1,
 "name": "AB CD",
+ "sub": "1",
 }
@@ -240,9 +241,9 @@ def test_authorize_code_flow_with_openid_scope(flask_client):
 assert not o.fragment
 # parse the query, should return something like
- # {'state': ['teststate'], 'code': ['knuyjepwvg']}
+ # {'state': ['teststate'], 'code': ['knuyjepwvg'], 'scope': ["openid"]}
 queries = parse_qs(o.query)
- assert len(queries) == 2
+ assert len(queries) == 3
 assert queries["state"] == ["teststate"]
 assert len(queries["code"]) == 1
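Review bot: `"sub": str(self.id)` in the `res` dict derives the subject identifier from the ClientUser row's primary key, and nothing here records that relying parties will key accounts on this value and expect it to stay stable and never be reassigned. If a ClientUser row can be deleted and re-created (for example on revoke and re-authorize, which is not visible in this hunk), the same user would return with a different `sub`, and on a database that reuses ids an old `sub` could end up pointing at someone else. I would add a comment above the dict such as `# "sub" is the per-client subject id; ClientUser.id must never be reused or regenerated for the same user/client pair` and list `sub` in the docstring example that ends just above. The enclosing method starts and ends outside the hunk.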
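Review bot: `assert not r.json["scope"]` in test_authorize_code_flow_no_openid_scope passes for `""`, `None` and `[]` alike, so the test no longer pins what the token endpoint actually returns for an empty scope. Clients that parse the scope field depend on a stable type, so it is better to assert the exact value the endpoint now emits, for instance `assert r.json["scope"] is None` or `assert r.json["scope"] == ""`, whichever is the intended contract. The test function begins and continues outside this hunk.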
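Review bot: `assert len(queries) == 3` only counts the redirect parameters; within this hunk `state` and `code` are checked but the new third parameter is not, so any extra query key would satisfy the test. Add `assert queries["scope"] == ["openid"]` next to the `state` assertion, unless that check already exists further down, since the test body continues outside the hunk.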
@@ -276,8 +277,8 @@ def test_authorize_code_flow_with_openid_scope(flask_client):
 assert r.status_code == 200
 assert r.json["access_token"]
 assert r.json["expires_in"] == 3600
- assert r.json["scope"] == ""
- assert r.json["token_type"] == "bearer"
+ assert r.json["scope"] == "openid"
+ assert r.json["token_type"] == "Bearer"
 assert r.json["user"] == {
 "avatar_url": None,
@@ -286,6 +287,7 @@ def test_authorize_code_flow_with_openid_scope(flask_client):
 "email_verified": True,
 "id": 1,
 "name": "AB CD",
+ "sub": "1",
 }
 # id_token must be returned