lua-resty-openidc icon indicating copy to clipboard operation
lua-resty-openidc copied to clipboard

Published 20 hours ago verified publisher icon zmartzone

added support for registrations endpoint

Open burnes opened this issue 3 years ago • 3 comments

Some OAuth providers provide an endpoint for a registration page instead of a login page. By configuring the registrations_path and registrations_endpoint, the openidc_authorize function will redirect to the configured endpoint including the same parameters as the authorization endpoint and prepare the session.

Can be used e.g. for providing direct Links to Keycloak's registration page.

burnes avatar Sep 12 '22 20:09 burnes

@zandbelt Could you please take a look at this?

burnes avatar Sep 13 '22 06:09 burnes

I don't see why this should be part of lua-resty-openidc. One could just as well provide the registration link of the provider directly to the user instead of redirecting through the path on the RP, isn't it?

zandbelt avatar Sep 13 '22 07:09 zandbelt

@zandbelt To have a working link (and backlink), the session must be created and the state/redirect URL etc. must be appended to the registrations URL. At least in my use-case for Keycloak. If I want to do it outside of the library I have to duplicate a lot of code from the library as all the helper methods are private. Thought this could also help others.

burnes avatar Sep 13 '22 08:09 burnes

We don't use it anymore, as it is not OpenID conform

burnes avatar Jul 01 '24 09:07 burnes