Closed brianhv closed 4 years ago
brianhv
commented
4 years ago I'm going to rescind this request unless someone else thinks it's a good idea. This library seems to be consistent with others as-is, and I've been able to obtain the behavior I want by storing the redirect in the session.
kilork
commented
4 years ago Hi, I think you need to use state field, for example:
#[get("/oauth2/authorization/oidc")]
async fn authorize(
oidc_client: web::Data<DiscoveredClient>,
authorize_query: web::Query<AuthorizeQuery>,
) -> impl Responder {
let auth_url = oidc_client.auth_url(&Options {
scope: Some("email".into()),
state: authorize_query.state.clone(),
..Default::default()
});
debug!("authorize: {}", auth_url);
HttpResponse::Found()
.header(http::header::LOCATION, auth_url.to_string())
.finish()
}The whole example is here:
https://github.com/kilork/rustorrent/blob/master/backend/src/login.rs
Some info about state field:
brianhv
commented
4 years ago Ah, that's even better! Thanks for pointing that out!
Would it make sense (assuming it's not there already and I'm missing it) to add a way to add a query parameter to the callback URL after the
Clientis constructed? My use case is returning the user to the page they were trying to hit before they were forced to log in.I imagine this working by adding a field to the
Optionsstruct forauth_url(). For example, if the redirect is set tohttps://example.com/login/oauth2/code/oidcwhen theClientis constructed:I'm in no way attached to names or data types here; just illustrating the principle.