Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Setting a state variable #47

Open
LakshanKarunathilake opened this issue Feb 8, 2022 · 6 comments
Open

Setting a state variable #47

LakshanKarunathilake opened this issue Feb 8, 2022 · 6 comments
Assignees
@tippexs
Labels
question Further information is requested

Comments

@LakshanKarunathilake
Copy link

Is there a way to pass a state variable ?
@tippexs tippexs self-assigned this Feb 9, 2022
@tippexs tippexs added the question Further information is requested label Feb 9, 2022
@tippexs
Copy link
Contributor

tippexs commented Feb 9, 2022

Not without modifying the code a little bit.

nginx-openid-connect/openid_connect.js

Line 262 in db991ec

authZArgs += "&state=0";

If PKCE is in use the state value is already be in use for the pkce_id value. If you are not using PKCE you could assign any other value to the state variable.

What kind of value would you like to send to the IdP in the state?

@LakshanKarunathilake
Copy link
Author

I am currently using PKCE, apart from that I need to send some additional information. As you suggested, I think it would be better if we are able to pass parameters along with the request

@tippexs
Copy link
Contributor

tippexs commented Feb 10, 2022

If it`s just about sending additional URI params to the IdP you can simply change the NGINX configuration and send them along.

nginx-openid-connect/openid_connect.server_conf

Line 42 in db991ec

proxy_set_body "grant_type=authorization_code&client_id=$oidc_client&$args&redirect_uri=$redirect_base$redir_location";

Handling new params at codexch can be handled here:

nginx-openid-connect/openid_connect.server_conf

Line 28 in db991ec

location = /_codexch {

Whats the usecase? This would help better to undestand where you should implement the new logic.

@LakshanKarunathilake
Copy link
Author

LakshanKarunathilake commented Feb 22, 2022
edited

Even if I disable the PKCE. state variable is set to default value 0 so I am unable to set the custom parameter there. I want to send a custom UUID parameter to IDP and get that parameter to redirect to the proper subdomain. IDP is only allowing the state parameter it is not accepting the custom query parameters.

@LakshanKarunathilake
Copy link
Author

@tippexs If I open a PR to support customizing the state parameter and if PKCE is not enabled then use the given state parameter will that be okay ?

Open
@LakshanKarunathilake
Copy link
Author

If it`s just about sending additional URI params to the IdP you can simply change the NGINX configuration and send them along.

nginx-openid-connect/openid_connect.server_conf

Line 42 in db991ec

proxy_set_body "grant_type=authorization_code&client_id=$oidc_client&$args&redirect_uri=$redirect_base$redir_location";

Handling new params at codexch can be handled here:

nginx-openid-connect/openid_connect.server_conf

Line 28 in db991ec

location = /_codexch {

Whats the usecase? This would help better to undestand where you should implement the new logic.

If we want to attach new URI parameters for the codexch is it possible ?

@shawnhankim shawnhankim mentioned this issue Dec 23, 2022
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@tippexs tippexs

Labels
question Further information is requested
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@tippexs @LakshanKarunathilake