add AuthParams to OIDC struct #1802
Hi @jdoupe, we will accept this contribution and smallstep/cli#1154, but they are not a complete PR, as they do not allow configuring the provisioners in a database and a linked CA. I've added the details for this in a similar PR, see #1796 (comment). We will work on this, but it can take some time; you can also send us a more complete PR.
Similar to the other PR, the workaround is adding `"auth-param"` to the defaults.json so it sets those flags automatically.
Thanks for the feedback! I've updated my branch here to include "Scopes" from #1796 along with the linkedca provisioner bits. And to that end, I also created a branch on smallstep/linkedca to address the proto changes. I'll submit a PR for that when I get around to seeing if I can test the database and linked ca scenarios. UPDATE: I'll also have to take a step back and update the CLI branch to accept
Confirmed functionality in "Remote Provisioner Management" configuration.
Linking related PRs for reference:
Thanks @jdoupe, I will upgrade the linkedca dependency and merge.
This commit upgrades go.step.sm/linkedca with dependencies required by #1802. It also fixes some linter warnings.
Name of feature:
Add "AuthParams" to OIDC provisioner.
Pain or issue this feature alleviates:
AuthParams (or "extra parameters for the authorization request") are sometimes a requirement for OIDC configurations. Someone had already added the capability as a command line parameter, but remote requests to a CA wouldn't be able to include any extra parameters.
Why is this important to the project (if not answered above):
Is there documentation on how to use this feature? If so, where?
Not absolutely sure where to update this, but it would entail the addition of an "authParams" key within an OIDC provisioner:
e.g.
In what environments or workflows is this feature supported?
In what environments or workflows is this feature explicitly NOT supported (if any)?
Supporting links/other PRs/issues:
💔Thank you!