-
Notifications
You must be signed in to change notification settings - Fork 738
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Changed Azure AD Login Flow #808
Conversation
…Changed Redirect from Get to Post as Hybrid Flow needs form_post instead of query and returns the response as Form body. Added Hybrid Flow for Authorization grant to reterive user id_token. Changed Redirect from Get to Post as Hybrid Flow needs form_post instead of query and returns the response as Form body.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for your contribution ✨
I've suggested some changes to make sure we don't break other oauth providers.
Added Get for Callback Added Id_token to Callback signature
hello @shabirjan, I think there was a misunderstanding, in your code in Could you separate the code from |
Hi @tpatel , Can you please explain a bit, what exactly you need me to do? What code should I separate? |
hi @shabirjan, I've been working on this PR so that we can merge your changes. However I tried to look for the reason behind the PR and I could gather that you're interested by getting the user role? Would this following snippet (without the code changes from this PR) work for your needs?
|
hi @tpatel , We already discussed almost 2-3 month ago on the call, that we can't use that endpoint as it returns user roles for all the AAD Applications in the tenant for that specific user, which we are not looking for. Our use case for that implementation was check the role assigned to the currently logged in user on behalf of the Specific AAD App Registration. |
closing in favor of #1046 (I've implemented the azure hybrid flow as needed in a separate oauth provider and route so that it doesn't brake the integration for other users). |
Added Hybrid Flow for Authorization grant to reterive user id_token.
Changed Redirect from Get to Post as Hybrid Flow needs form_post instead of query and returns the response as Form body.