Should OIDCScope accept scopes without openid?

[iplparm]

Hi,
I'm able to set OIDCSCope to any value and it's in line with the docs:

mod_auth_openidc/auth_openidc.conf

Line 140 in 44ede94

# Define the OpenID Connect scope that is requested from the OP (eg. "openid email profile").

If nothing is set "bare minimum" scope "openid" will be added by the module.
However, if you set OIDCScope to any value(s) and won't include "openid" scope - module accepts such configuration but generates runtime errors on every response validation:

mod_auth_openidc/src/proto.c

Line 2737 in 44ede94

* check id_token parameter

Should the module fall back to OAuth if "openid" scope is not set deliberately or is it purposed to handle only OIDC flows and I should always add "openid"?

Best regards,
Arek Wojtczak

[zandbelt]

you'll need to add "openid" yourself if you modify the default

[iplparm]

Thank you.