ChxisBC
ZITADELā€¢2mo agoā€¢
9 replies
ChxisB

Source code changes for OIDC and OAuth

āŒUnsolvedāž•Feature RequestšŸŒŸContributionšŸŖ²Bugs
Hello there, i've seen many issue request in Github around the 
prompt=select_account
 so i've been looking in the source code and it would be great if we can do the following; this way we can add an override.

// interal/api/ui/login/external_provider_handler.go

Lines: 169 -> 172
case domain.IDPTypeOIDC:
  provider, err = l.oidcProvider(r.Context(), identityProvider, authReq)


Line: 305
provider, err := l.oidcProvider(r.Context(), identityProvider, authReq)


Line: 1059
func (l *Login) oidcProvider(ctx context.Context, identityProvider *query.IDPTemplate, authReq *domain.AuthRequest) (*openid.Provider, error)

// Instead this method, replace: 

opts := make([]openid.ProviderOpts, 1, 3)
opts[0] = openid.WithSelectAccount()

// With (Only add WithSelectAccount if the auth request doesn't already have a prompt parameter)

opts := make([]openid.ProviderOpts, 0, 3)

if !domain.IsPrompt(authReq.Prompt, domain.PromptSelectAccount) && len(authReq.Prompt) == 0 {
  opts = append(opts, openid.WithSelectAccount())
}


A similar fix can be added to the 
OAuth
 but needs to be changed in the 
oauth2.go
 file

Long term solution would be being able to actually select the prompt type within the UI dashboard when setting up a provider and any other custom paramaters for forwarding.
Was this page helpful?