fix: Support the auth_url method called with scope & state params now

3 years ago · e4c0ff2c7d
2 changed files with 4 additions and 1 deletions
--- a/src/keycloak/keycloak_openid.py
+++ b/src/keycloak/keycloak_openid.py
@ -174,7 +174,7 @@ class KeycloakOpenID:

        return raise_error_from_response(data_raw, KeycloakGetError)

-    def auth_url(self, redirect_uri):
+    def auth_url(self, redirect_uri, scope="email", state=""):
        """

        http://openid.net/specs/openid-connect-core-1_0.html#AuthorizationEndpoint
@ -185,6 +185,8 @@ class KeycloakOpenID:
            "authorization-endpoint": self.well_known()["authorization_endpoint"],
            "client-id": self.client_id,
            "redirect-uri": redirect_uri,
+            "scope": scope,
+            "state": state,
        }
        return URL_AUTH.format(**params_path)

--- a/src/keycloak/urls_patterns.py
+++ b/src/keycloak/urls_patterns.py
@ -32,6 +32,7 @@ URL_INTROSPECT = "realms/{realm-name}/protocol/openid-connect/token/introspect"
 URL_ENTITLEMENT = "realms/{realm-name}/authz/entitlement/{resource-server-id}"
 URL_AUTH = (
    "{authorization-endpoint}?client_id={client-id}&response_type=code&redirect_uri={redirect-uri}"
+    "&scope={scope}&state={state} "
 )

 # ADMIN URLS