search

nginxinc / nginx-openid-connect

Reference implementation of OpenID Connect integration for NGINX Plus
https://www.nginx.com/products/nginx/
Other
199 stars 94 forks source link

Use of optionals parameters for specifics IDP #36

Closed sebacla closed 3 years ago

sebacla commented 3 years ago

I use keycloak with this script and I want to pass and use specific keycloak parameter kc_idp_hint. This parameter is given client side according keycloak documentation (i.e : https://www.keycloak.org/docs/latest/server_admin/#default_identity_provider!) to automatically select IDP to use.

Is there a way to pass optional parameters (kc_idp_hint and kc_idp_hint value) to authZargs in opened_connect.js line 247 ?

I would prefer not to modify or fork the script in order to be able to apply future updates.

lcrilly commented 3 years ago

The simplest way is to overload the $oidc_scopes variable https://github.com/nginxinc/nginx-openid-connect/blob/main/openid_connect_configuration.conf#L32

default "openid+profile+email+offline_access&kc_idp_hint=facebook";
sebacla commented 3 years ago

thx @lcrilly it works ! Sure it's the simplest way :) I think many people may have this need. To be generic, another variable empty or not could do the trick ;)

lcrilly commented 3 years ago

We'll consider this, thanks.