Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OIDC connector: Allow specifying empty prompt type #3373

Merged
merged 2 commits into from Mar 12, 2024
Merged

OIDC connector: Allow specifying empty prompt type #3373

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
185ec88
OIDC connector: Allow specifying empty prompt type
nabokihms Feb 23, 2024
9200cf8
Merge branch 'master' into empty-prompt-type
nabokihms Mar 12, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
9 changes: 5 additions & 4 deletions connector/oidc/oidc.go
View file
Open in desktop
Expand Up @@ -76,7 +76,7 @@ type Config struct {
UserNameKey string `json:"userNameKey"`

// PromptType will be used fot the prompt parameter (when offline_access, by default prompt=consent)
PromptType string `json:"promptType"`
PromptType *string `json:"promptType"`
nabokihms marked this conversation as resolved.
Show resolved Hide resolved

// OverrideClaimMapping will be used to override the options defined in claimMappings.
// i.e. if there are 'email' and `preferred_email` claims available, by default Dex will always use the `email` claim independent of the ClaimMapping.EmailKey.
Expand Down Expand Up @@ -242,8 +242,9 @@ func (c *Config) Open(id string, logger log.Logger) (conn connector.Connector, e
}

// PromptType should be "consent" by default, if not set
if c.PromptType == "" {
c.PromptType = "consent"
promptType := "consent"
if c.PromptType != nil {
promptType = *c.PromptType
}

clientID := c.ClientID
Expand All @@ -268,7 +269,7 @@ func (c *Config) Open(id string, logger log.Logger) (conn connector.Connector, e
allowedGroups: c.AllowedGroups,
acrValues: c.AcrValues,
getUserInfo: c.GetUserInfo,
promptType: c.PromptType,
promptType: promptType,
userIDKey: c.UserIDKey,
userNameKey: c.UserNameKey,
overrideClaimMapping: c.OverrideClaimMapping,
Expand Down
35 changes: 35 additions & 0 deletions connector/oidc/oidc_test.go
View file
Open in desktop
Expand Up @@ -19,6 +19,7 @@ import (

"github.com/go-jose/go-jose/v4"
"github.com/sirupsen/logrus"
"github.com/stretchr/testify/require"

"github.com/dexidp/dex/connector"
)
Expand Down Expand Up @@ -584,6 +585,40 @@ func TestTokenIdentity(t *testing.T) {
}
}

func TestPromptType(t *testing.T) {
pointer := func(s string) *string {
return &s
}

tests := []struct {
name string
promptType *string
res string
}{
{name: "none", promptType: pointer("none"), res: "none"},
{name: "provided empty string", promptType: pointer(""), res: ""},
{name: "login", promptType: pointer("login"), res: "login"},
{name: "consent", promptType: pointer("consent"), res: "consent"},
{name: "default value", promptType: nil, res: "consent"},
}

testServer, err := setupServer(nil, true)
require.NoError(t, err)

for _, tc := range tests {
t.Run(tc.name, func(t *testing.T) {
conn, err := newConnector(Config{
Issuer: testServer.URL,
Scopes: []string{"openid", "groups"},
PromptType: tc.promptType,
})
require.NoError(t, err)

require.Equal(t, tc.res, conn.promptType)
})
}
}

func TestProviderOverride(t *testing.T) {
testServer, err := setupServer(map[string]any{
"sub": "subvalue",
Expand Down