oauth2-openid-connect-server

The ClaimSetInterface API is unclear

Open • stof opened this issue 1 year ago • 1 comment

The interface ClaimSetInterface defines a getClaims(): array method without defining the expected type for the array.

This interface is used in 2 places:

  • the ClaimSetEntity class implements it (alongside a confusing ScopeInterface which is not about representing a scope but a class with a getScope method) and seems to expect list<string> as the type of the array based on the usages in ClaimExtractor
  • the IdentityProviderInterface is expected to return a UserEntityInterface implementing it. The IdTokenResponse then expects getClaims to return array<string, string> based on the usage in the second argument of ClaimExtractorInterface

I think we should have 2 different interfaces there, one representing the claims available as a user (being a map from claim names to claim values) and another one representing a set of claim names associated with a scope.

stof, Sep 25 '24 17:09
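The split proposed in the issue above, as an added example that is not the library's own code and not part of the original post: all interface, class and function names below (UserClaimsInterface, ScopeClaimSetInterface, ScopeClaimSet, SampleUser, extractClaims) are hypothetical, and the user data is constructed. It shows why the two array shapes differ and how an extractor would combine them so that only claims tied to a granted scope reach the ID token.

```php
<?php
declare(strict_types=1);

// Hypothetical interface: claims available for a user.
interface UserClaimsInterface
{
    /** @return array<string, string> claim name => claim value */
    public function getClaims(): array;
}

// Hypothetical interface: claim names associated with one scope.
interface ScopeClaimSetInterface
{
    public function getScope(): string;
    /** @return list<string> claim names only, no values */
    public function getClaimNames(): array;
}

final class ScopeClaimSet implements ScopeClaimSetInterface
{
    /** @param list<string> $claimNames */
    public function __construct(private string $scope, private array $claimNames) {}
    public function getScope(): string { return $this->scope; }
    public function getClaimNames(): array { return $this->claimNames; }
}

// Constructed sample user; values are placeholders.
final class SampleUser implements UserClaimsInterface
{
    public function getClaims(): array
    {
        return ['email' => 'alice@example.test', 'email_verified' => 'true', 'phone_number' => '+10000000000'];
    }
}

/** @param list<string> $grantedScopes @param list<ScopeClaimSetInterface> $claimSets @return array<string, string> */
function extractClaims(array $grantedScopes, array $claimSets, UserClaimsInterface $user): array
{
    $allowed = [];
    foreach ($claimSets as $set) {
        if (in_array($set->getScope(), $grantedScopes, true)) {
            $allowed += array_fill_keys($set->getClaimNames(), true); // names become keys
        }
    }
    return array_intersect_key($user->getClaims(), $allowed); // drop claims no granted scope covers
}

$sets = [new ScopeClaimSet('email', ['email', 'email_verified']), new ScopeClaimSet('phone', ['phone_number'])];
var_dump(extractClaims(['openid', 'email'], $sets, new SampleUser()));
```

With a single untyped `getClaims(): array`, passing a list of names where a name-to-value map is expected would make `array_intersect_key` compare integer indexes instead of claim names, so the type split also lets static analysis catch that mix-up.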

@steverhoades do you have any insight on this? Is my analysis of the expected types correct? And what should be done about that?

stof, Sep 30 '24 12:09