OIDC: Drop scopes validation (fixes #5464) (#5623)

* OIDC: Drop scopes validation (fixes #5464)

* Fix test

* Remove claims as well

src/pretix/base/customersso/oidc.py

@@ -112,23 +112,6 @@ def oidc_validate_and_complete_config(config):
                 scope="openid",
             ))
 
-    for scope in config["scope"].split(" "):
-        if scope not in provider_config.get("scopes_supported", []):
-            raise ValidationError(_('You are requesting scope "{scope}" but provider only supports these: {scopes}.').format(
-                scope=scope,
-                scopes=", ".join(provider_config.get("scopes_supported", []))
-            ))
-
-    if "claims_supported" in provider_config:
-        claims_supported = provider_config.get("claims_supported", [])
-        for k, v in config.items():
-            if k.endswith('_field') and v:
-                if v not in claims_supported:  # https://openid.net/specs/openid-connect-core-1_0.html#UserInfo
-                    raise ValidationError(_('You are requesting field "{field}" but provider only supports these: {fields}.').format(
-                        field=v,
-                        fields=", ".join(provider_config.get("claims_supported", []))
-                    ))
-
     if "token_endpoint_auth_methods_supported" in provider_config:
         token_endpoint_auth_methods_supported = provider_config.get("token_endpoint_auth_methods_supported",
                                                                     ["client_secret_basic"])

src/tests/base/test_customer_oidc_rp.py

@@ -175,12 +175,6 @@ def test_incompatible():
         oidc_validate_and_complete_config(config)
     assert "not requesting" in str(e.value)
 
-    config["scope"] = "openid foo"
-
-    with pytest.raises(ValidationError) as e:
-        oidc_validate_and_complete_config(config)
-    assert "requesting scope" in str(e.value)
-
 
 @responses.activate
 def test_compatible():