diff --git a/app/forms/openid_connect_authorize_form.rb b/app/forms/openid_connect_authorize_form.rb index 45d7c128bbb..2a26f78d205 100644 --- a/app/forms/openid_connect_authorize_form.rb +++ b/app/forms/openid_connect_authorize_form.rb @@ -226,6 +226,8 @@ def validate_verified_within_duration def extra_analytics_attributes { client_id: client_id, + prompt: prompt, + allow_prompt_login: service_provider&.allow_prompt_login, redirect_uri: result_uri, scope: scope&.sort&.join(' '), acr_values: acr_values&.sort&.join(' '), diff --git a/spec/controllers/openid_connect/authorization_controller_spec.rb b/spec/controllers/openid_connect/authorization_controller_spec.rb index 2ad50a04c8a..275e5671886 100644 --- a/spec/controllers/openid_connect/authorization_controller_spec.rb +++ b/spec/controllers/openid_connect/authorization_controller_spec.rb @@ -53,6 +53,8 @@ with('OpenID Connect: authorization request', success: true, client_id: client_id, + prompt: 'select_account', + allow_prompt_login: true, errors: {}, unauthorized_scope: true, user_fully_authenticated: true, @@ -113,6 +115,8 @@ with('OpenID Connect: authorization request', success: true, client_id: client_id, + prompt: 'select_account', + allow_prompt_login: true, errors: {}, unauthorized_scope: false, user_fully_authenticated: true, @@ -211,6 +215,8 @@ with('OpenID Connect: authorization request', success: true, client_id: client_id, + prompt: 'select_account', + allow_prompt_login: true, errors: {}, unauthorized_scope: false, user_fully_authenticated: true, @@ -253,6 +259,8 @@ with('OpenID Connect: authorization request', success: true, client_id: client_id, + prompt: 'select_account', + allow_prompt_login: true, errors: {}, unauthorized_scope: false, user_fully_authenticated: true, @@ -296,6 +304,8 @@ with('OpenID Connect: authorization request', success: true, client_id: client_id, + prompt: 'select_account', + allow_prompt_login: true, errors: {}, unauthorized_scope: false, user_fully_authenticated: true, @@ -374,6 +384,8 @@ with('OpenID Connect: authorization request', success: false, client_id: client_id, + prompt: '', + allow_prompt_login: true, unauthorized_scope: true, errors: hash_including(:prompt), error_details: hash_including(:prompt), @@ -403,6 +415,8 @@ with('OpenID Connect: authorization request', success: false, client_id: nil, + prompt: 'select_account', + allow_prompt_login: nil, unauthorized_scope: true, errors: hash_including(:client_id), error_details: hash_including(:client_id), diff --git a/spec/forms/openid_connect_authorize_form_spec.rb b/spec/forms/openid_connect_authorize_form_spec.rb index 104062636a4..6e5e1231147 100644 --- a/spec/forms/openid_connect_authorize_form_spec.rb +++ b/spec/forms/openid_connect_authorize_form_spec.rb @@ -43,6 +43,8 @@ success: true, errors: {}, client_id: client_id, + prompt: 'select_account', + allow_prompt_login: true, redirect_uri: nil, unauthorized_scope: true, acr_values: 'http://idmanagement.gov/ns/assurance/ial/1', @@ -62,6 +64,8 @@ errors: { response_type: ['is not included in the list'] }, error_details: { response_type: [:inclusion] }, client_id: client_id, + prompt: 'select_account', + allow_prompt_login: true, redirect_uri: "#{redirect_uri}?error=invalid_request&error_description=" \ "Response+type+is+not+included+in+the+list&state=#{state}", unauthorized_scope: true,