From 87681881336371dfa1d02aea1e8c2c1d089e73d6 Mon Sep 17 00:00:00 2001
From: Justin Richer <jricher@mitre.org>
Date: Sat, 19 Jul 2014 23:54:02 -0700
Subject: [PATCH] makes the grant types checker softer, closes #640

---
 .../connect/web/ClientDynamicRegistrationEndpoint.java      | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientDynamicRegistrationEndpoint.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientDynamicRegistrationEndpoint.java
index 1c204171a..b5766e890 100644
--- a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientDynamicRegistrationEndpoint.java
+++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientDynamicRegistrationEndpoint.java
@@ -397,14 +397,10 @@ public class ClientDynamicRegistrationEndpoint {
 		// filter out unknown grant types
 		// TODO: make this a pluggable service
 		Set<String> requestedGrantTypes = new HashSet<String>(newClient.getGrantTypes());
-		requestedGrantTypes.removeAll(
+		requestedGrantTypes.retainAll(
 					ImmutableSet.of("authorization_code", "implicit", 
 							"password", "client_credentials", "refresh_token",
 							"urn:ietf:params:oauth:grant_type:redelegate"));
-		if (!requestedGrantTypes.isEmpty()) {
-			// return an error, there were unknown grant types requested
-			throw new ValidationException("invalid_client_metadata", "Unknown grant types requested: " + newClient.getGrantTypes(), HttpStatus.BAD_REQUEST);
-		}
 		
 		// don't allow "password" grant type for dynamic registration
 		if (newClient.getGrantTypes().contains("password")) {