IdentityModel / oidc-client-js

OpenID Connect (OIDC) and OAuth2 protocol support for browser-based JavaScript applications
Apache License 2.0

Extra parameters in sign-in URL query string #1162

Closed arrudamarcos78 closed 4 years ago

arrudamarcos78 commented 4 years ago

I have a JavaScript client which uses OIDC for authentication. I'm using the authorization code flow. Here is a code snippet:

var config = {
    authority: "http://localhost:5000",
    client_id: "js",
    redirect_uri: "http://localhost:5003/callback.html",
    response_type: "code",
    scope: "openid profile web_api",
    post_logout_redirect_uri: "http://localhost:5003/index.html"
};
var mgr = new Oidc.UserManager(config);

I would like to be able to add extra parameters in the config object above which would be available in the query string of the URL that I have access to in the Login method of my Authorization Server (http://localhost:5000/Account/Login):

(C# code):

/// <summary>
/// Entry point into the login workflow
/// </summary>
[HttpGet]
public async Task<IActionResult> Login(string returnUrl)
{
    ...
}

(I can access the URL query string in the code above through either the returnUrl parameter or the HttpContext.Request.Query property.)

Contextualizing: The reason I need this feature is that there are extra parameters that are mandatory for me to authenticate the user, besides username and password. However, these parameters are not explicitly provided by the user. They have their values assigned inside the client JavaScript code (e.g. the device ID (like a cell phone's IMEI) of the client). If there is any other easier way to achieve this, I would be glad to know about it.

I'm able to achieve this using Postman, based on this discussion: https://github.com/postmanlabs/postman-app-support/issues/2523

In Postman you can change the authorization endpoint URL to:

http://MyAuthorizationEndpoint?paramName=paramValue

Example: http://localhost:5000/connect/authorize?device_id=XYZ

But I'm not able to do this in the JavaScript client because I do not specify the authorization endpoint explicitly, only the authority (as seen in the config object above).

Note: I don't intend to use any other type of authorization flow, such as an Extension Grant, since it's less secure and not recommended.

arrudamarcos78 commented 4 years ago

Found the solution after reading this post:

https://github.com/IdentityModel/oidc-client-js/issues/315

const userManager = new UserManager({ ... }); // as normal
await userManager.signinRedirect({
    extraQueryParams: { // your params go here
        foo: 'bar',
        batz: 'quux',
    },
});
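
An added example (not part of the original thread and not oidc-client-js code): values passed through extraQueryParams travel in the browser-visible authorize URL, so this sketch vets the keys on the client and treats the value read back from returnUrl on the login side as untrusted input. The helper names, the reserved-key list, the device_id format rule and the assumption that returnUrl is a local path carrying the authorize query string are all illustrative assumptions.

```javascript
// Added example, not oidc-client-js code. Uses only URL / URLSearchParams.

// Protocol parameters that an extra parameter must never shadow (assumed list).
const RESERVED = new Set(['client_id', 'redirect_uri', 'response_type', 'scope',
  'state', 'nonce', 'code_challenge', 'code_challenge_method']);

// Client side: vet the object before handing it over as extraQueryParams.
function vetExtraQueryParams(extra) {
  const out = {};
  for (const [key, value] of Object.entries(extra)) {
    if (RESERVED.has(key)) throw new Error(`"${key}" is a protocol parameter`);
    out[key] = String(value);
  }
  return out;
}

// Constructed stand-in for the redirect: shows where the extras end up.
function authorizeUrl(endpoint, protocolParams, extra) {
  const url = new URL(endpoint);
  const all = { ...protocolParams, ...vetExtraQueryParams(extra) };
  for (const [k, v] of Object.entries(all)) url.searchParams.set(k, v);
  return url.toString();
}

// Login side, sketched in JS: read device_id out of returnUrl.
// Assumption: returnUrl is a local path carrying the authorize query string.
function deviceIdFromReturnUrl(returnUrl) {
  // Accept only local paths; reject absolute and protocol-relative URLs.
  if (!/^\/(?![\/\\])/.test(String(returnUrl))) return null;
  const query = new URL(returnUrl, 'http://placeholder.invalid').searchParams;
  const values = query.getAll('device_id');
  if (values.length !== 1) return null; // missing or duplicated parameter
  // Hypothetical format rule. The value is caller-supplied, so passing this
  // check says nothing about which device actually sent the request.
  return /^[A-Za-z0-9_-]{1,64}$/.test(values[0]) ? values[0] : null;
}
```
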