diff --git a/src/keycloak/keycloak_openid.py b/src/keycloak/keycloak_openid.py index ad608d0..b44915f 100644 --- a/src/keycloak/keycloak_openid.py +++ b/src/keycloak/keycloak_openid.py @@ -174,7 +174,7 @@ class KeycloakOpenID: return raise_error_from_response(data_raw, KeycloakGetError) - def auth_url(self, redirect_uri): + def auth_url(self, redirect_uri, scope="email", state=""): """ http://openid.net/specs/openid-connect-core-1_0.html#AuthorizationEndpoint @@ -185,6 +185,8 @@ class KeycloakOpenID: "authorization-endpoint": self.well_known()["authorization_endpoint"], "client-id": self.client_id, "redirect-uri": redirect_uri, + "scope": scope, + "state": state, } return URL_AUTH.format(**params_path) diff --git a/src/keycloak/urls_patterns.py b/src/keycloak/urls_patterns.py index 3ec134c..18b1951 100644 --- a/src/keycloak/urls_patterns.py +++ b/src/keycloak/urls_patterns.py @@ -32,6 +32,7 @@ URL_INTROSPECT = "realms/{realm-name}/protocol/openid-connect/token/introspect" URL_ENTITLEMENT = "realms/{realm-name}/authz/entitlement/{resource-server-id}" URL_AUTH = ( "{authorization-endpoint}?client_id={client-id}&response_type=code&redirect_uri={redirect-uri}" + "&scope={scope}&state={state} " ) # ADMIN URLS