Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enhance custom query params for OIDC authZ endpoint #77

Open
shawnhankim opened this issue Dec 23, 2022 · 0 comments
Open

Enhance custom query params for OIDC authZ endpoint #77

shawnhankim opened this issue Dec 23, 2022 · 0 comments

Comments

@shawnhankim
Copy link
Contributor

shawnhankim commented Dec 23, 2022
edited

As a Product Manager,

I want to more flexibly configure query parameters for the OIDC authZ endpoint. So customers can customize the OIDC endpoints to pass vendor specific query parameters to complete their flow. For example, Azure AD B2B expects to send a special query param called resource-id to be passed to its authorization endpoint.

In addition to that, I want to synchronize the variable name between NGINX Plus and NGINX Management Suite.

  • NGINX Plus OIDC: $oidc_authz_extra_args is merged (Dec/8/2022)
  • NGINX Management Suite: $oidc_authz_query_params is released (Jul/20/2022)

AC:

  • Refactor and enhance the existing reference implementation and the latest PR to support following options:
    • option 1. Use built-in params
    • option 2. Extend extra params after the built-in params
    • option 3. Replace built-in params with custom params
  • Revise the name from $oidc_authz_extra_args to $oidc_authz_query_params.
  • Add key/values (e.g., $pkce_code_challenge, $nonce_hash) that can be configured as query params by customers for the OIDC authZ endpoint.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@shawnhankim