Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OIDC jwt state flow #46

Open
Tiuipuv opened this issue Apr 22, 2022 · 0 comments
Open

OIDC jwt state flow #46

Tiuipuv opened this issue Apr 22, 2022 · 0 comments
Labels
enhancement New feature or request

Comments

@Tiuipuv
Copy link

Tiuipuv commented Apr 22, 2022

Describe the feature request?

Currently okta-oidc-middleware does not support the following pattern. It appears that the state is hardcoded to be set to a uuid.v4(), here. The pattern described in the document is important to our use case, where login needs to pass some stateful url information through login. If possible, I would like to be able to send a state to the configured routes.login.path (either via header, get param, etc), and have that state be accessible on the req of routes.loginCallback.handler.

New or Affected Resource(s)

Not sure what this box means. It would affect the library implementation, as well as the feature set available. it would be a non-breaking change, thus a bump in semver.

Provide a documentation link

https://datatracker.ietf.org/doc/html/draft-bradley-oauth-jwt-encoded-state-09
https://devforum.okta.com/t/problem-with-customizing-redirect-uri/4077

Additional Information?

No response
@Tiuipuv Tiuipuv added the enhancement New feature or request label Apr 22, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@Tiuipuv