-
Notifications
You must be signed in to change notification settings - Fork 346
[KEYCLOAK-11499] Add idp-hint
as a configuration option
#495
base: master
Are you sure you want to change the base?
Conversation
idp-hint
as a configuration option
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@moremagic I believe this change makes sense, wdyt @stianst?. We need two things here:
- Tests for the new parameter
- Update our documentation: https://github.com/keycloak/keycloak-documentation/blob/9194cbe2c4f443ddb4ab012cc9902fc3759bdc6a/securing_apps/topics/oidc/keycloak-gatekeeper.adoc
Please let me know if you would like to proceed, otherwise we may need to schedule the full implementation for the next releases. If you have any questions, feel free to ask.
It would be useful if |
Thanks for volunteering to work on this @msuret. Before start working on anything, I'd suggest starting a thread on the dev mailing list, so others can join and provide some feedback on this. |
// idp_hint config | ||
idpHint := r.config.IdpHint | ||
if idpHint != "" { | ||
authURL += "&kc_idp_hint=" + idpHint |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Could there sometimes be other url parameters already in authURL? I am thinking "&" vs "?"
If that is never a possibility please disregard, otherwise I suggest adding some pre-inspection of authURL before appending.
Thank you @abstractj and @moremagic ! The change looks simple enough. Line (91) I added a comment. I agree that tests are missing still. Could you please point me at where I can download the built artifact? I could probably test it manually and report based on my use/findings. |
@moremagic would you like to follow up on @rickyschechter's comments? Do you have any plans to introduce tests? |
Add
idp-hint
as a configuration option, so that gatekeeper can set it's own suggested idp.