Closed
Description
Background and Motivation
Today, there's no easy way to add additional parameters to the OAuth/OIDC authorization request.
With OAuth, we have to override OAuthHandler<TOptions>.BuildChallengeUrl as often done in AspNet.Security.OAuth.Providers:
With OIDC, we can use OpenIdConnectEvents.OnRedirectToIdentityProvider like:
```csharp
var builder = WebApplication.CreateBuilder(args);
builder.Services.AddAuthentication().AddOpenIdConnect(options =>
{
    options.Events.OnRedirectToIdentityProvider = context =>
    {
        context.ProtocolMessage.SetParameter("audience", "api.atlassian.com");
        return Task.CompletedTask;
    };
});
```
More context: #39243 and #39503
Proposed API
We can introduce a simpler and more generic solution for adding additional parameters:
namespace Microsoft.AspNetCore.Authentication.OAuth;
public class OAuthOptions : RemoteAuthenticationOptions
{
+ public IDictionary<string, string> AdditionalAuthorizationParameters { get; } = new Dictionary<string, string>();
}
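Review bot: The new `AdditionalAuthorizationParameters` property on `OAuthOptions` accepts arbitrary keys, and nothing here says what happens when a key collides with a parameter the handler already puts in the authorization request, such as `redirect_uri`, `state` or `scope`. Suggest documenting and testing whether the handler's value wins, the configured value wins, or the collision throws, because silently replacing `state` or `redirect_uri` from configuration would undercut the CSRF and redirect checks of the flow.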
namespace Microsoft.AspNetCore.Authentication.OpenIdConnect;
public class OpenIdConnectOptions : RemoteAuthenticationOptions
{
+ public IDictionary<string, string> AdditionalAuthorizationParameters { get; } = new Dictionary<string, string>();
}
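Review bot: On `OpenIdConnectOptions` the new property overlaps with `OnRedirectToIdentityProvider`, which the motivation shows already setting `audience` through `context.ProtocolMessage.SetParameter`, and the order in which the two are applied is not stated. Suggest specifying that the dictionary is applied before the event runs, so existing event handlers keep the final say, and adding XML doc comments on the property that say so.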
Usage Examples
```csharp
services.AddAuthentication().AddOAuth("Jira", options =>
{
    options.AdditionalAuthorizationParameters.Add("audience", "api.atlassian.com");
});
```
Risks
Nothing I can think about now.
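The BuildChallengeUrl override that Background and Motivation describes for OAuth, written out as an added example; it is not code from this issue, from ASP.NET Core, or from AspNet.Security.OAuth.Providers. The handler name `JiraOAuthHandler`, the `Reserved` list and the guard against overriding handler-owned parameters are assumptions of this sketch, and the three-argument base constructor assumes .NET 8 or later.

```csharp
using System;
using System.Collections.Generic;
using System.Text.Encodings.Web;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.OAuth;
using Microsoft.AspNetCore.WebUtilities;
using Microsoft.Extensions.Logging;
using Microsoft.Extensions.Options;

// Hypothetical handler name; added example, not the project's own code.
public class JiraOAuthHandler : OAuthHandler<OAuthOptions>
{
    // Standard authorization-request parameters the base handler emits itself.
    // Letting configuration replace them would bypass the handler's state
    // (CSRF), redirect and PKCE handling, so this sketch refuses them.
    private static readonly HashSet<string> Reserved = new(StringComparer.Ordinal)
    {
        "client_id", "redirect_uri", "response_type", "scope",
        "state", "code_challenge", "code_challenge_method",
    };

    // Extra parameter taken from the issue's own usage example.
    private static readonly Dictionary<string, string> Extra = new()
    {
        ["audience"] = "api.atlassian.com",
    };

    // Three-argument base constructor: assumes .NET 8 or later.
    public JiraOAuthHandler(IOptionsMonitor<OAuthOptions> options,
        ILoggerFactory logger, UrlEncoder encoder)
        : base(options, logger, encoder) { }

    protected override string BuildChallengeUrl(
        AuthenticationProperties properties, string redirectUri)
    {
        // Let the base class build the standard request first.
        var url = base.BuildChallengeUrl(properties, redirectUri);
        foreach (var (key, value) in Extra)
        {
            if (Reserved.Contains(key))
                throw new InvalidOperationException(
                    $"'{key}' is set by the handler and cannot be overridden.");
            // AddQueryString URL-encodes both the name and the value.
            url = QueryHelpers.AddQueryString(url, key, value);
        }
        return url;
    }
}
```

Such a handler is registered with `AddOAuth<OAuthOptions, JiraOAuthHandler>("Jira", options => { ... })`, which is the per-provider boilerplate the proposed property is meant to remove.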