From ac22c75ff9fe8fc73def38fa1c3bd82a01313d16 Mon Sep 17 00:00:00 2001 From: Quentin Gliech Date: Fri, 1 Mar 2024 12:53:17 +0100 Subject: [PATCH] Append additional parameters to the OAuth2 authorize endpoint --- crates/config/src/sections/upstream_oauth2.rs | 2 +- crates/handlers/src/upstream_oauth2/authorize.rs | 11 ++++++++++- 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/crates/config/src/sections/upstream_oauth2.rs b/crates/config/src/sections/upstream_oauth2.rs index e26362f66..c3b7b0ca4 100644 --- a/crates/config/src/sections/upstream_oauth2.rs +++ b/crates/config/src/sections/upstream_oauth2.rs @@ -12,7 +12,7 @@ // See the License for the specific language governing permissions and // limitations under the License. -use std::{ops::Deref, collections::BTreeMap}; +use std::{collections::BTreeMap, ops::Deref}; use async_trait::async_trait; use mas_iana::{jose::JsonWebSignatureAlg, oauth::OAuthClientAuthenticationMethod}; diff --git a/crates/handlers/src/upstream_oauth2/authorize.rs b/crates/handlers/src/upstream_oauth2/authorize.rs index 54937e03e..1464c4843 100644 --- a/crates/handlers/src/upstream_oauth2/authorize.rs +++ b/crates/handlers/src/upstream_oauth2/authorize.rs @@ -107,12 +107,21 @@ pub(crate) async fn get( }; // Build an authorization request for it - let (url, data) = mas_oidc_client::requests::authorization_code::build_authorization_url( + let (mut url, data) = mas_oidc_client::requests::authorization_code::build_authorization_url( lazy_metadata.authorization_endpoint().await?.clone(), data, &mut rng, )?; + // We do that in a block because params borrows url mutably + { + // Add any additional parameters to the query + let mut params = url.query_pairs_mut(); + for (key, value) in &provider.additional_authorization_parameters { + params.append_pair(key, value); + } + } + let session = repo .upstream_oauth_session() .add(