how we could send custom query parameter for oidc? need to add this value in query parameter ( acr_values=someValue ).Ex: acr_values=345777
You will need to be a bit more specific, to which URL do you want to add custom parameters exactly (authorization, token, userinfo, logout) ?
We need to add these custom parameters with authorization
It’s not possible right now.
If you would like to work on that the authorization request is created in oidc/oidc-authenticator/src/main/java/org/xwiki/contrib/oidc/auth/OIDCAuthServiceImpl.java at master · xwiki-contrib/oidc · GitHub. I noticed that the request builder support setting custom parameter but it does not support getting a endpoint URI containing a query string (which would be a nice way to set custom parameters in the configuration IMO).
Cool, thank you so much for your help I will try as suggested.
how we could pass custom parameters inside token and userinfo?
oidc.userinfoacr_values=-AD-Kerberos?
Currently the token enpoint is used to create the token request in oidc/oidc-authenticator/src/main/java/org/xwiki/contrib/oidc/auth/internal/endpoint/CallbackOIDCEndpoint.java at master · xwiki-contrib/oidc · GitHub and the userinfo endpoint is manipulated in oidc/oidc-authenticator/src/main/java/org/xwiki/contrib/oidc/auth/internal/OIDCUserManager.java at master · xwiki-contrib/oidc · GitHub.
As I said in my previous message I feel the easiest for the user is to allow indicating custom parameters right in the configured enpoint URL (oidc.endpoint.authorization=https://xwikiorg-node1.xwikisas.com/xwiki/oidc/authorization?acr_values=someValue
) but that means parsing and cutting work in the code.
Thank you so much for your help, we are planning to configure in endpoint URL.
But why it is adding :80 in redirect_url https://xwiki.xxx.com:80/oidc/authenticator/callback
This usually suggests that you have something wrong in your general XWiki setup. It generally comes from an HTTP proxy not configured to forward the port which unfortunately is never the default in the proxies I know (see Forwarded - HTTP | MDN for more about this HTTP specification). Some reported this might also come from the application server setup (Tomcat for example).