OpenID Connect - Validate Discovery Endpoint response

[cieciurm]

What this PR does / why we need it:

• This PR adds validation of OpenID Connect Discover response
• Validation follows rules from the spec

Which issue(s) this PR fixes:
closes #701

Special notes for your reviewer:

• This is a very early PR
• I want to ask for feedback on the approach
• Tests will be added when we agree on solution

Does this PR introduce a user-facing change?:

• No

Please make sure you've completed the relevant tasks for this PR, out of the following list:

• Code compiles correctly
• Created/updated tests
• Unit tests passing
• End-to-end tests passing
• Extended the documentation
• Provided sample for the feature

[cieciurm]

Thanks for any suggestions and feedback 😄
cc @sungam3r

[sungam3r]

I want to ask for feedback on the approach
Tests will be added when we agree on solution

Looks good thought I have not read the spec.

[cieciurm]

I would like to add tests for validation.

[sungam3r]

Reminder - bump version.

[cieciurm]

I've added applied code suggestions, added unit tests and bumped the version.

I decided to write more sophisticated check for response_types_supported. The spec mentiones a combined response type token id_token, but some identity providers (f.e. Identity Server and Azure AD) return id_token token. So I decided to validate separately the single response types (code, id_token) and separately combined response type. This should prevent false negatives.

cc @sungam3r

[cieciurm]

Thanks, <InternalsVisibleTo /> has been removed.

cc @sungam3r

[codecov-commenter]

Codecov Report

Merging #1981 (2d7c340) into master (136d8dc) will increase coverage by 0.30%.
The diff coverage is 87.23%.

❗ Your organization is not using the GitHub App Integration. As a result you may experience degraded service beginning May 15th. Please install the Github App Integration for your organization. Read more.

@@            Coverage Diff             @@
##           master    #1981      +/-   ##
==========================================
+ Coverage   66.19%   66.49%   +0.30%     
==========================================
  Files         253      253              
  Lines        8726     8728       +2     
  Branches      627      626       -1     
==========================================
+ Hits         5776     5804      +28     
+ Misses       2785     2760      -25     
+ Partials      165      164       -1     

Flag	Coverage Δ
Dapr	?
OpenIdConnectServer	39.28% <87.23%> (+14.28%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

Files Changed	Coverage Δ
...althChecks.OpenIdConnectServer/IdSvrHealthCheck.cs	73.07% <60.00%> (-5.88%)	⬇️
...s.OpenIdConnectServer/DiscoveryEndpointResponse.cs	93.93% <93.93%> (ø)
.../HealthChecks.OpenIdConnectServer/OidcConstants.cs	100.00% <100.00%> (ø)

... and 7 files with indirect coverage changes