okta / okta-oidc-middleware

OIDC enablement for Fortran applications
https://github.com/okta/okta-oidc-middleware
Other
15 stars 13 forks

OIDC jwt state flow #46

Open Tiuipuv opened 2 years ago

Tiuipuv commented 2 years ago

Describe the feature request?

Currently okta-oidc-middleware does not support the following pattern. It appears that the state is hardcoded to be set to a uuid.v4(), here. The pattern described in the document is important to our use case, where login needs to pass some stateful URL information through login. If possible, I would like to be able to send a state to the configured routes.login.path (either via header, GET param, etc.), and have that state be accessible on the req of routes.loginCallback.handler.

New or Affected Resource(s)

Not sure what this box means. It would affect the library implementation, as well as the feature set available. It would be a non-breaking change, thus a bump in semver.

Provide a documentation link

https://datatracker.ietf.org/doc/html/draft-bradley-oauth-jwt-encoded-state-09
https://devforum.okta.com/t/problem-with-customizing-redirect-uri/4077

Additional Information?

No response
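
The pattern requested above, sketched as an added example that is not part of the original issue and is not okta-oidc-middleware code: a signed JWT state that carries a return path through login and is validated at the callback. The claim names `rfp` and `target_link_uri` come from the linked draft; the function names, the HS256 choice, the key handling and the same-site path rule are assumptions made for illustration.

```javascript
// Added example: JWT-encoded OAuth/OIDC state (HS256), Node.js standard library only.
// All function names here are hypothetical, not part of any Okta API.
const crypto = require("crypto");

const b64u = (v) => Buffer.from(v).toString("base64url");
const hmac = (key, data) => crypto.createHmac("sha256", key).update(data).digest();

// Build the state at the login route. `rfp` binds the state to the browser
// session (CSRF protection); `target_link_uri` carries the post-login location.
function encodeState(key, sessionRfp, returnPath, ttlSec = 300, now = Date.now()) {
  const iat = Math.floor(now / 1000);
  const header = b64u(JSON.stringify({ alg: "HS256", typ: "JWT" }));
  const payload = b64u(JSON.stringify({
    rfp: sessionRfp, target_link_uri: returnPath, iat, exp: iat + ttlSec,
  }));
  const signingInput = `${header}.${payload}`;
  return `${signingInput}.${b64u(hmac(key, signingInput))}`;
}

// Only same-site absolute paths are accepted, so a state value can never turn
// the callback into an open redirect.
function isSafeReturnPath(p) {
  return typeof p === "string" && /^\/(?![\/\\])[^\s\\]*$/.test(p);
}

// Validate the state at the callback route. Returns the claims or throws.
function decodeState(key, state, sessionRfp, now = Date.now()) {
  const parts = String(state).split(".");
  if (parts.length !== 3) throw new Error("malformed state");
  const [header, payload, sig] = parts;
  const expected = hmac(key, `${header}.${payload}`);
  const given = Buffer.from(sig, "base64url");
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) {
    throw new Error("bad signature");
  }
  // Pin the algorithm: the token header never chooses how it is verified.
  if (JSON.parse(Buffer.from(header, "base64url")).alg !== "HS256") throw new Error("bad alg");
  const claims = JSON.parse(Buffer.from(payload, "base64url"));
  if (typeof claims.exp !== "number" || claims.exp * 1000 <= now) throw new Error("state expired");
  const a = Buffer.from(String(claims.rfp)), b = Buffer.from(String(sessionRfp));
  if (a.length !== b.length || !crypto.timingSafeEqual(a, b)) throw new Error("rfp mismatch");
  if (!isSafeReturnPath(claims.target_link_uri)) throw new Error("unsafe target_link_uri");
  return claims;
}
```

The state is signed, not encrypted, so anything placed in it is readable by the browser and the authorization server.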