OIDC : extra query params (InseeFrLab#378)

statisticsnorway · Feb 9, 2024 · dc1c552 · dc1c552
1 parent 93b4ff7
commit dc1c552
Show file tree

Hide file tree

Showing 4 changed files with 23 additions and 0 deletions.
diff --git a/README.md b/README.md
@@ -73,6 +73,7 @@ Configurable properties :
 | `oidc.audience` | | Optional : audience to validate. Must be the same as the token's `aud` field |
 | `oidc.username-claim` | `preferred_username` | Claim to be used as user id. Must conform to [RFC 1123](https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names) |
 | `oidc.groups-claim` | `groups` | Claim to be used as list of user groups. |
+| `oidc.extra-query-params` | | Optional : query params to be added by client. e.g : `prompt=consent&kc_idp_hint=google` |
 
 ### Security configuration :
 | Key | Default | Description |

diff --git a/onyxia-api/src/main/java/fr/insee/onyxia/api/controller/pub/ConfigurationController.java b/onyxia-api/src/main/java/fr/insee/onyxia/api/controller/pub/ConfigurationController.java
@@ -53,6 +53,7 @@ public AppInfo configuration() {
         if (oidcConfiguration != null) {
             OIDCConfiguration.setIssuerURI(oidcConfiguration.getIssuerUri());
             OIDCConfiguration.setClientID(oidcConfiguration.getClientID());
+            OIDCConfiguration.setExtraQueryParams(oidcConfiguration.getExtraQueryParams());
             appInfo.setOidcConfiguration(OIDCConfiguration);
         }
         return appInfo;

diff --git a/onyxia-api/src/main/java/fr/insee/onyxia/api/security/OIDCConfiguration.java b/onyxia-api/src/main/java/fr/insee/onyxia/api/security/OIDCConfiguration.java
@@ -58,6 +58,9 @@ public class OIDCConfiguration {
     @Value("${oidc.clientID}")
     private String clientID;
 
+    @Value("${oidc.extra-query-params}")
+    private String extraQueryParams;
+
     private final HttpRequestUtils httpRequestUtils;
 
     @Autowired
@@ -210,6 +213,14 @@ public void setClientID(String clientID) {
         this.clientID = clientID;
     }
 
+    public String getExtraQueryParams() {
+        return extraQueryParams;
+    }
+
+    public void setExtraQueryParams(String extraQueryParams) {
+        this.extraQueryParams = extraQueryParams;
+    }
+
     @Bean
     @ConditionalOnProperty(prefix = "oidc", name = "issuer-uri")
     NimbusJwtDecoder jwtDecoder() {

diff --git a/onyxia-model/src/main/java/fr/insee/onyxia/model/region/Region.java b/onyxia-model/src/main/java/fr/insee/onyxia/model/region/Region.java
@@ -1095,6 +1095,8 @@ public static class OIDCConfiguration {
         private String issuerURI;
         private String clientID;
 
+        private String extraQueryParams;
+
         public String getIssuerURI() {
             return issuerURI;
         }
@@ -1110,6 +1112,14 @@ public String getClientID() {
         public void setClientID(String clientID) {
             this.clientID = clientID;
         }
+
+        public String getExtraQueryParams() {
+            return extraQueryParams;
+        }
+
+        public void setExtraQueryParams(String extraQueryParams) {
+            this.extraQueryParams = extraQueryParams;
+        }
     }
 
     public static class Expose {