Adapt grant_types_supported attribute (#1846)

lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm

@@ -1493,14 +1493,21 @@ sub metadata {
 
     # List response types depending on allowed flows
     my $response_types = [];
-    push( @$response_types, "code" )
-      if $self->conf->{oidcServiceAllowAuthorizationCodeFlow};
-    push( @$response_types, "id_token", "id_token token" )
-      if $self->conf->{oidcServiceAllowImplicitFlow};
+    my $grant_types    = [];
+    if ( $self->conf->{oidcServiceAllowAuthorizationCodeFlow} ) {
+        push( @$response_types, "code" );
+        push( @$grant_types,    "authorization_code" );
+    }
+    if ( $self->conf->{oidcServiceAllowImplicitFlow} ) {
+        push( @$response_types, "id_token", "id_token token" );
+        push( @$grant_types, "implicit" );
+    }
+    if ( $self->conf->{oidcServiceAllowHybridFlow} ) {
         push( @$response_types,
             "code id_token",
-        "code token", "code id_token token" )
-      if $self->conf->{oidcServiceAllowHybridFlow};
+            "code token", "code id_token token" );
+        push( @$grant_types, "hybrid" );
+    }
 
     # Create OpenID configuration hash;
     return $self->p->sendJSONresponse(
@@ -1530,7 +1537,7 @@ sub metadata {
             # Scopes
             scopes_supported => [qw/openid profile email address phone/],
             response_types_supported => $response_types,
-            grant_types_supported   => [qw/authorization_code implicit hybrid/],
+            grant_types_supported    => $grant_types,
             acr_values_supported     => \@acr,
             subject_types_supported  => ["public"],
             token_endpoint_auth_methods_supported =>