Defect OpenId configuration issue (#24)

* Mask the keys from OpenId configuration

* Incremented version and added to change log.

* Update package-lock

Author: jholleran

CHANGELOG.md

@@ -1,3 +1,6 @@
+## v0.9.0
+- Fix to mask properties that should not be part of the OIDC configuration.
+
 ## v0.6.0 - 2019-11-08
 
 ### Changed

package-lock.json

@@ -1,6 +1,6 @@
 {
   "name": "@solid/oidc-op",
-  "version": "0.8.0",
+  "version": "0.9.0",
   "engines": {
     "node": ">=10.0"
   },

package.json

@@ -211,7 +211,7 @@ class Provider {
    * openidConfiguration
    */
   get openidConfiguration () {
-    return JSON.stringify(this)
+    return JSON.stringify(this, (key, value) => key !== "keys" ? value : undefined)
   }
 
   /**

src/Provider.js

@@ -31,6 +31,7 @@ describe('OpenIDConfigurationRequest', () => {
     res = HttpMocks.createResponse()
 
     provider = new Provider({ issuer: providerUri })
+    provider.initializeKeyChain();
   })
 
   it('should respond with the provider configuration in JSON format', () => {
@@ -42,4 +43,14 @@ describe('OpenIDConfigurationRequest', () => {
 
     expect(config['authorization_endpoint']).to.equal('https://example.com/authorize')
   })
+
+  it('should mask properties that are not part of OIDC', () => {
+    OpenIDConfigurationRequest.handle(req, res, provider)
+
+    expect(res._isJSON()).to.be.true()
+
+    let config = JSON.parse(res._getData())
+
+    expect(config['keys']).to.be.undefined()
+  })
 })