jjbohn · cmrd-senya · Sep 2, 2016 · Nov 4, 2016 · Nov 4, 2016
diff --git a/lib/omniauth/strategies/openid_connect.rb b/lib/omniauth/strategies/openid_connect.rb
@@ -22,6 +22,7 @@ class OpenIDConnect
         userinfo_endpoint: "/userinfo",
         jwks_uri: '/jwk'
       }
+      option :client_name, "a web application via omniauth-openid-connect" # in case of dynamic registration
       option :issuer
       option :discovery, false
       option :client_signing_alg
@@ -74,7 +75,18 @@ class OpenIDConnect
       end
 
       def client
-        @client ||= ::OpenIDConnect::Client.new(client_options)
+        @client ||= \
+          if client_options.identifier.nil?
+            registrar.register!.tap do |client|
+              %i(authorization_endpoint token_endpoint userinfo_endpoint).each do |key|
+                client.send :"#{key}=", client_options[key]
+              end
+              client_options.identifier = client.identifier
+              client_options.secret = client.secret
+            end
+          else
+             ::OpenIDConnect::Client.new(client_options)
+          end
       end
 
       def config
@@ -138,6 +150,13 @@ def public_key
 
       private
 
+      def registrar
+        ::OpenIDConnect::Client::Registrar.new(config.registration_endpoint).tap do |registrar|
+          registrar.redirect_uris = *client_options.redirect_uri
+          registrar.client_name = options.client_name
+        end
+      end
+
       def issuer
         resource = "#{client_options.scheme}://#{client_options.host}" + ((client_options.port) ? ":#{client_options.port.to_s}" : '')
         ::OpenIDConnect::Discovery::Provider.discover!(resource).issuer