Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support audience claim in token URL request #497

Open
da1910 opened this issue Sep 7, 2020 · 2 comments
Open

Support audience claim in token URL request #497

da1910 opened this issue Sep 7, 2020 · 2 comments
Labels
type: feature request ‘Nice-to-have’ improvement, new feature or different behavior or design.

Comments

@da1910
Copy link

da1910 commented Sep 7, 2020

Is your feature request related to a problem? Please describe.
Auth0 Identity provider returns an opaque token unless the query parameter "audience" is set when requesting an access token. They use this parameter to determine which resource server to authorize the user to. See this support request: https://community.auth0.com/t/why-is-it-necessary-to-pass-the-audience-parameter-to-receive-a-jwt/11412.

Describe the solution you'd like
I would like a simple way to add extra parameters to the auth flow.

Describe alternatives you've considered
Extending the AuthorizationCodeFlow class to include the audience parameter, and using the AuthorizationCodeRequestUrl.set() method to add the query parameter. This resolved the issue, but required extending the builder as well, and will be sensitive to updates to the client.
@yoshi-automation yoshi-automation added triage me I really want to be triaged. 🚨 This issue needs some love. labels Sep 8, 2020
@chingor13 chingor13 added the type: feature request ‘Nice-to-have’ improvement, new feature or different behavior or design. label Sep 14, 2020
@yoshi-automation yoshi-automation removed 🚨 This issue needs some love. triage me I really want to be triaged. labels Sep 14, 2020
@XcrigX
Copy link

XcrigX commented Feb 4, 2022

This is a pretty easy fix in AuthorizationCodeInstalledApp.authorize(..) by adding a Map to the arguments and then calling :
authorizationUrl.setUnknownKeys(additionalRequestParams);

`

public Credential authorize(String userId, Map<String, Object> additionalRequestParams) throws IOException {

	try {
		Credential credential = flow.loadCredential(userId);
		if (credential != null
			&& (credential.getRefreshToken() != null
				|| credential.getExpiresInSeconds() == null
				|| credential.getExpiresInSeconds() > 60)) {
			return credential;
		}

		// open in browser
		String redirectUri = receiver.getRedirectUri();
		AuthorizationCodeRequestUrl authorizationUrl = flow.newAuthorizationUrl().setRedirectUri(redirectUri);

		if (additionalRequestParams != null && !additionalRequestParams.isEmpty()) {
			authorizationUrl.setUnknownKeys(additionalRequestParams);
		}

		onAuthorization(authorizationUrl);
		// receive authorization code and exchange it for an access token
		String code = receiver.waitForCode();
		TokenResponse response = flow.newTokenRequest(code).setRedirectUri(redirectUri).execute();
		// store credential and return it
		return flow.createAndStoreCredential(response, userId);
	} finally {
		receiver.stop();
	}
}

`

@TimurSadykov
Copy link
Member

@XcrigX Thanks for the suggestion. Unfortunately, this library is in maintenance mode and we normally don't add features, modifications. However, if you can contribute the change - we will review it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
type: feature request ‘Nice-to-have’ improvement, new feature or different behavior or design.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@chingor13 @TimurSadykov @XcrigX @da1910 @yoshi-automation