-
Notifications
You must be signed in to change notification settings - Fork 725
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Changed Azure AD Login Flow #808
base: main
Are you sure you want to change the base?
Conversation
…Changed Redirect from Get to Post as Hybrid Flow needs form_post instead of query and returns the response as Form body. Added Hybrid Flow for Authorization grant to reterive user id_token. Changed Redirect from Get to Post as Hybrid Flow needs form_post instead of query and returns the response as Form body.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for your contribution ✨
I've suggested some changes to make sure we don't break other oauth providers.
Added Get for Callback Added Id_token to Callback signature
hello @shabirjan, I think there was a misunderstanding, in your code in Could you separate the code from |
Hi @tpatel , Can you please explain a bit, what exactly you need me to do? What code should I separate? |
hi @shabirjan, I've been working on this PR so that we can merge your changes. However I tried to look for the reason behind the PR and I could gather that you're interested by getting the user role? Would this following snippet (without the code changes from this PR) work for your needs?
|
hi @tpatel , We already discussed almost 2-3 month ago on the call, that we can't use that endpoint as it returns user roles for all the AAD Applications in the tenant for that specific user, which we are not looking for. Our use case for that implementation was check the role assigned to the currently logged in user on behalf of the Specific AAD App Registration. |
Added Hybrid Flow for Authorization grant to reterive user id_token.
Changed Redirect from Get to Post as Hybrid Flow needs form_post instead of query and returns the response as Form body.