Adds callback mode that is direct to vault

hashicorp · May 2, 2023 · 3f69989 · 3f69989
1 parent ac6ab28
commit 3f69989
Showing 1 changed file with 20 additions and 0 deletions.
diff --git a/path_oidc.go b/path_oidc.go
@@ -124,6 +124,26 @@ func pathOIDC(b *jwtAuthBackend) []*framework.Path {
 				},
 			},
 		},
+		{
+			Pattern: `oidc/poll`,
+			Fields: map[string]*framework.FieldSchema{
+				"state": {
+					Type: framework.TypeString,
+				},
+				"client_nonce": {
+					Type: framework.TypeString,
+				},
+			},
+			Operations: map[logical.Operation]framework.OperationHandler{
+				logical.UpdateOperation: &framework.PathOperation{
+					Callback: b.pathPoll,
+					Summary:  "Poll endpoint to complete an OIDC login.",
+
+					// state is cached so don't process OIDC logins on perf standbys
+					ForwardPerformanceStandby: true,
+				},
+			},
+		},
 		{
 			Pattern: `oidc/auth_url`,