microsoft: Support setting the prompt type

Signed-off-by: Erica Taylor <ricky@wellplayed.games>
This commit is contained in:
Erica Taylor 2021-01-11 11:28:55 +00:00 committed by Ricky Taylor
parent 4f326390aa
commit ba47aaba86

View file

@ -53,6 +53,10 @@ type Config struct {
GroupNameFormat GroupNameFormat `json:"groupNameFormat"` GroupNameFormat GroupNameFormat `json:"groupNameFormat"`
UseGroupsAsWhitelist bool `json:"useGroupsAsWhitelist"` UseGroupsAsWhitelist bool `json:"useGroupsAsWhitelist"`
EmailToLowercase bool `json:"emailToLowercase"` EmailToLowercase bool `json:"emailToLowercase"`
// PromptType is used for the prompt query parameter.
// For valid values, see https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow#request-an-authorization-code.
PromptType string `json:"promptType"`
} }
// Open returns a strategy for logging in through Microsoft. // Open returns a strategy for logging in through Microsoft.
@ -70,6 +74,7 @@ func (c *Config) Open(id string, logger log.Logger) (connector.Connector, error)
useGroupsAsWhitelist: c.UseGroupsAsWhitelist, useGroupsAsWhitelist: c.UseGroupsAsWhitelist,
logger: logger, logger: logger,
emailToLowercase: c.EmailToLowercase, emailToLowercase: c.EmailToLowercase,
promptType: c.PromptType,
} }
// By default allow logins from both personal and business/school // By default allow logins from both personal and business/school
// accounts. // accounts.
@ -113,6 +118,7 @@ type microsoftConnector struct {
useGroupsAsWhitelist bool useGroupsAsWhitelist bool
logger log.Logger logger log.Logger
emailToLowercase bool emailToLowercase bool
promptType string
} }
func (c *microsoftConnector) isOrgTenant() bool { func (c *microsoftConnector) isOrgTenant() bool {
@ -150,7 +156,12 @@ func (c *microsoftConnector) LoginURL(scopes connector.Scopes, callbackURL, stat
return "", fmt.Errorf("expected callback URL %q did not match the URL in the config %q", callbackURL, c.redirectURI) return "", fmt.Errorf("expected callback URL %q did not match the URL in the config %q", callbackURL, c.redirectURI)
} }
return c.oauth2Config(scopes).AuthCodeURL(state), nil var options []oauth2.AuthCodeOption
if c.promptType != "" {
options = append(options, oauth2.SetAuthURLParam("prompt", c.promptType))
}
return c.oauth2Config(scopes).AuthCodeURL(state, options...), nil
} }
func (c *microsoftConnector) HandleCallback(s connector.Scopes, r *http.Request) (identity connector.Identity, err error) { func (c *microsoftConnector) HandleCallback(s connector.Scopes, r *http.Request) (identity connector.Identity, err error) {