Support Redirects from a query param

[aiman-alsari]

First off, Great product. We are using it on Kubernetes behind an nginx ingress controller. One of the features nginx supports is hooking in to an auth provider. If there is no current authentication it will redirect to https://$host/oauth2/start?rd=$escaped_request_uri (see https://kubernetes.github.io/ingress-nginx/examples/auth/oauth-external-auth/)

One of the reasons we prefer this approach is that it prevents all requests having to go through the sso-proxy. Nginx will request the auth only when it needs it. For very high volume sites, it means we don't need to scale up the sso-proxy to handle the load.

However, when the authentication completes it will redirect back to $host/oauth2/start. Ideally it should use the "rd" query param provided.

To get this to work, I had to patch the code. I think it would be great if we could specify a redirect query param key as a config item and use that if it's set.

This is where I've made the change to work for our specific scenario:

index 5445f8e..0264ef3 100755
--- a/internal/proxy/oauthproxy.go
+++ b/internal/proxy/oauthproxy.go
@@ -636,7 +636,7 @@ func (p *OAuthProxy) OAuthStart(rw http.ResponseWriter, req *http.Request, tags
                return
        }
 
-       requestURI := req.URL.String()
+       requestURI := req.URL.Query().Get("rd")
        callbackURL := p.GetRedirectURL(req.Host)
 
        // We redirect the browser to the authenticator with a 302 status code. The target URL is```

Will look into contributing a PR some time soon.

[shrayolacrayon]

Thanks for opening this @aiman-alsari, this is something we'd be happy to support if you'd like to contribute a pull request!