Skip to content

Commit

Permalink
support prompt in addition to approval-prompt
Browse files Browse the repository at this point in the history
  • Loading branch information
@ploxiln
Jakub Holy authored and ploxiln committed May 24, 2020
1 parent 5fb7b7e commit 811707f
Show file tree
Hide file tree
Showing 4 changed files with 11 additions and 2 deletions.
1 change: 1 addition & 0 deletions main.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -85,6 +85,7 @@ func mainFlagSet() *flag.FlagSet {
flagSet.String("resource", "", "The resource that is protected (Azure AD only)")
flagSet.String("validate-url", "", "Access token validation endpoint")
flagSet.String("scope", "", "OAuth scope specification")
flagSet.String("prompt", "", "OIDC prompt (overrides approval-prompt)")
flagSet.String("approval-prompt", "force", "OAuth approval_prompt")

flagSet.String("signature-key", "", "GAP-Signature request signature key (algorithm:secretkey)")
Expand Down
5 changes: 4 additions & 1 deletion options.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -80,7 +80,8 @@ type Options struct {
ProtectedResource string `flag:"resource" cfg:"resource"`
ValidateURL string `flag:"validate-url" cfg:"validate_url"`
Scope string `flag:"scope" cfg:"scope"`
ApprovalPrompt string `flag:"approval-prompt" cfg:"approval_prompt"`
Prompt string `flag:"prompt" cfg:"prompt"`
ApprovalPrompt string `flag:"approval-prompt" cfg:"approval_prompt"` // Deprecated by OIDC 1.0

XHeaders bool `flag:"xheaders" cfg:"xheaders"`
RequestLogging bool `flag:"request-logging" cfg:"request_logging"`
Expand Down Expand Up @@ -119,6 +120,7 @@ func NewOptions() *Options {
PassUserHeaders: true,
PassAccessToken: false,
PassHostHeader: true,
Prompt: "", // Change to "login" when ApprovalPrompt deprecated/removed
ApprovalPrompt: "force",
XHeaders: true,
RequestLogging: true,
Expand Down Expand Up @@ -235,6 +237,7 @@ func parseProviderInfo(o *Options, msgs []string) []string {
Scope: o.Scope,
ClientID: o.ClientID,
ClientSecret: o.ClientSecret,
Prompt: o.Prompt,
ApprovalPrompt: o.ApprovalPrompt,
}
p.LoginURL, msgs = parseURL(o.LoginURL, "login", msgs)
Expand Down
1 change: 1 addition & 0 deletions providers/provider_data.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@ type ProviderData struct {
ProtectedResource *url.URL
ValidateURL *url.URL
Scope string
Prompt string
ApprovalPrompt string
}

Expand Down
6 changes: 5 additions & 1 deletion providers/provider_default.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -83,7 +83,11 @@ func (p *ProviderData) GetLoginURL(redirectURI, state string) string {
a = *p.LoginURL
params, _ := url.ParseQuery(a.RawQuery)
params.Set("redirect_uri", redirectURI)
params.Set("approval_prompt", p.ApprovalPrompt)
if p.Prompt != "" {
params.Set("prompt", p.Prompt)
} else { // Legacy variant of the prompt param:
params.Set("approval_prompt", p.ApprovalPrompt)
}
params.Add("scope", p.Scope)
params.Set("client_id", p.ClientID)
params.Set("response_type", "code")
Expand Down

0 comments on commit 811707f

Please sign in to comment.