Description
Is your feature request related to a problem? Please describe:
To have feature parity with the NGINX Plus OIDC Reference Implementation I would like to see a key/value pair added to the OIDC Policy declaration to include enabling PKCE, updating scopes, and adding a Logout Redirect URL.
Describe the solution you'd like:
I would like to see a key/value pair added to the OIDC Policy declaration to include enabling PKCE ($oidc_pkce_enable 1), updating scopes ($oidc_scopes), and adding a Logout Redirect URL ($oidc_logout_redirect).
Describe alternatives you've considered:
Not sure if we could use Server/Location Snippets to meet this requirement with the map directives in the openid_connect_configuration.conf file.
Additional context:
PKCE could be automatically marked true (Implemented) if the clientSecret value is left blank, unless there is a use case where both would be needed? Scopes and Logout URI would use the defaults if not updated and therefore be optional.
Some more detail, I'm looking more for feature parity with this OIDC Reference Implementation which looks like the same implementation added to the latest version of KIC (If you exec into the KIC pod and look in the /etc/nginx/oidc folder, you will see the same code used). We are just missing these 3x variables to make the 2 solutions equivalent. All the code is already in /etc/nginx/oidc, on KIC, but these 3x variables ($oidc_pkce_enable, $oidc_scopes, and $oidc_logout_redirect) were not included in the OIDC Policy configuration which is what I am asking about.
Sub-issues
Metadata
Metadata
Assignees
Type
Projects
Status