diff --git a/src/pretix/base/customersso/oidc.py b/src/pretix/base/customersso/oidc.py index cb3a6d20d2..ce1c6f786c 100644 --- a/src/pretix/base/customersso/oidc.py +++ b/src/pretix/base/customersso/oidc.py @@ -24,7 +24,7 @@ import hashlib import logging import time from datetime import datetime -from urllib.parse import urlencode, urljoin +from urllib.parse import parse_qsl, urlencode, urljoin import jwt import requests @@ -139,6 +139,11 @@ def oidc_validate_and_complete_config(config): ) ) + if "query_parameters" in config and config["query_parameters"]: + config["query_parameters"] = urlencode( + parse_qsl(config["query_parameters"]) + ) + config['provider_config'] = provider_config return config @@ -154,6 +159,10 @@ def oidc_authorize_url(provider, state, redirect_uri): 'state': state, 'redirect_uri': redirect_uri, } + + if "query_parameters" in provider.configuration and provider.configuration["query_parameters"]: + params.update(parse_qsl(provider.configuration["query_parameters"])) + return endpoint + '?' + urlencode(params) diff --git a/src/pretix/control/forms/organizer.py b/src/pretix/control/forms/organizer.py index 8a4082e86a..cf2f24f8b5 100644 --- a/src/pretix/control/forms/organizer.py +++ b/src/pretix/control/forms/organizer.py @@ -1043,6 +1043,15 @@ class SSOProviderForm(I18nModelForm): label=pgettext_lazy('sso_oidc', 'Phone field'), required=False, ) + config_oidc_query_parameters = forms.CharField( + label=pgettext_lazy('sso_oidc', 'Query parameters'), + help_text=pgettext_lazy('sso_oidc', 'Optional query parameters, that will be added to calls to ' + 'the authorization endpoint. Enter as: {example}'.format( + example='param1=value1&param2=value2' + ), + ), + required=False, + ) class Meta: model = CustomerSSOProvider