Add Override Option for Redirect URL

twz123 · Jan 23, 2018 · 5b2ef73 · 5b2ef73
1 parent 66483c9
commit 5b2ef73
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 1 deletion.
diff --git a/README.md b/README.md
@@ -18,6 +18,7 @@ solves this problem, but specifically for Google as Identity Provider.
         --issuer-url=    IdP Issuer URL to be contacted (default: https://accounts.google.com)
         --client-id=     Client ID to be used
         --client-secret= Client Secret to be used
+        --redirect-url=  Redirect URL to be communicated to the IdP (needs to indicate "out of band") (default: urn:ietf:wg:oauth:2.0:oob)
 
     Help Options:
     -h, --help           Show this help message

diff --git a/pkg/oidc/oidc.go b/pkg/oidc/oidc.go
@@ -14,6 +14,7 @@ type Config struct {
 	IssuerURL    string `long:"issuer-url" description:"IdP Issuer URL to be contacted" default:"https://accounts.google.com"`
 	ClientID     string `long:"client-id" required:"yes" description:"Client ID to be used"`
 	ClientSecret string `long:"client-secret" required:"yes" description:"Client Secret to be used"`
+	RedirectURL  string `long:"redirect-url" description:"Redirect URL to be communicated to the IdP (needs to indicate \"out of band\")" default:"urn:ietf:wg:oauth:2.0:oob"`
 }
 
 type OIDCFlow struct {
@@ -46,7 +47,7 @@ func NewOpenIDConnectFlow(config *Config) (*OIDCFlow, error) {
 	oauth2Config := &oauth2.Config{
 		ClientID:     config.ClientID,
 		ClientSecret: config.ClientSecret,
-		RedirectURL:  "urn:ietf:wg:oauth:2.0:oob",
+		RedirectURL:  config.RedirectURL,
 
 		// Discovery returns the OAuth2 endpoints.
 		Endpoint: provider.Endpoint(),