Make redirect functionality with OIDC flow configurable

[cnocula-i]

The enhancement may already be reported! Please search for the enhancement before creating one.

Current Behavior:

The PR #47 introduced a functionality to redirect the browser to a protected URL. In the documentation it is stated, that a wildcard needs to be used in the callback to allow multiple targets as in:
https://dependencytrack.dev.ibmega.net/static/oidc-callback.html*

Unfortunately, we are using the Dex (https://github.com/dexidp/dex) as a provider for single sign on with our GitHub Enterprise, which does not support having wildcards in their redirectURIs configuration.

I tried to register at least the entrypoint as https://dependencytrack.dev.ibmega.net/static/oidc-callback.html?redirect=/dashboard, but that leads to a white browser page (oidc-callback.html) with a JavaScript error on the console. It would not have been practical anyway to add the whole bunch of potential redirect callbacks anyway.

I had to roll back to frontend v1.2.0

Proposed Behavior:

Make the redirection option configurable for the frontend. When turned off, the OIDC flow should just work as in version 1.2.0 with a simple static https://dependencytrack.dev.ibmega.net/static/oidc-callback.html

[timmahj]

This is also an issue with Okta.

Also an issue with Microsoft Azure AD

[Stephan84]

Also with on premises Microsoft ADFS

[erwanosouf]

Also with Google

[axelterve]

We're also having the same issues using ORY Hydra - they do not allow any wildcards in the redirect_uri. If any of you have a solution to this pls let me know :)

[jsaalfeld]

And with self-hosted gitlab.