Merge pull request #256 from 55728/fix/protocol-callable-check

nbulaj · web-flow · commit 1be7a085efe0 · 2026-04-28T20:36:33.000+03:00
Accept non-callable values for the `protocol` config option
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -7,6 +7,7 @@
 - [#248] Fix `max_age` always triggering reauthentication when `auth_time_from_resource_owner` returns Integer
 - [#254] **Breaking:** Omit `expires_in` from the `response_type=id_token` response (OIDC Core §3.2.2.5 — `expires_in` represents the Access Token lifetime; it is still returned for `response_type=id_token token`)
 - [#252] Treat `auth_time_from_resource_owner` as optional in `IdToken` — omit `auth_time` claim when unconfigured instead of raising `InvalidConfiguration`
+- [#256] Accept non-callable values (symbol / string) for the `protocol` config option, matching the pattern used by `issuer` / `signing_algorithm` / `signing_key` / `expiration`
 
 ## v1.9.0 (2026-03-16)
 
diff --git a/app/controllers/doorkeeper/openid_connect/discovery_controller.rb b/app/controllers/doorkeeper/openid_connect/discovery_controller.rb
@@ -116,7 +116,8 @@ def keys_response
       end
 
       def protocol
-        Doorkeeper::OpenidConnect.configuration.protocol.call
+        configured = Doorkeeper::OpenidConnect.configuration.protocol
+        configured.respond_to?(:call) ? configured.call : configured
       end
 
       def discovery_url_options
diff --git a/spec/controllers/discovery_controller_spec.rb b/spec/controllers/discovery_controller_spec.rb
@@ -270,6 +270,32 @@
       expect(data['authorization_endpoint']).to eq 'testing://test.host/oauth/authorize'
     end
 
+    context 'when the protocol option is configured with a non-callable value' do
+      it 'accepts a symbol' do
+        Doorkeeper::OpenidConnect.configure do
+          protocol :testing
+        end
+
+        get :provider
+        data = JSON.parse(response.body)
+
+        expect(response).to have_http_status(:ok)
+        expect(data['authorization_endpoint']).to eq 'testing://test.host/oauth/authorize'
+      end
+
+      it 'accepts a string' do
+        Doorkeeper::OpenidConnect.configure do
+          protocol 'testing'
+        end
+
+        get :provider
+        data = JSON.parse(response.body)
+
+        expect(response).to have_http_status(:ok)
+        expect(data['authorization_endpoint']).to eq 'testing://test.host/oauth/authorize'
+      end
+    end
+
     context 'when the discovery_url_options option is set for all endpoints' do
       before do
         Doorkeeper::OpenidConnect.configure do
