[Feature] Pass parameters to authorization URL (claims_in_tokens) #562

Open
olifre opened this issue Jan 15, 2024 · 2 comments

olifre commented Jan 15, 2024

The Unity IAM as used e.g. by the Helmholtz AAI has gained a new extension:
https://github.com/unity-idm/unity/blob/c62f384c5a77556b10491837a76e76ec76ce47de/documentation/src/main/doc/endpoint-oauth.txt#L147-L165

This can be triggered by passing claims_in_tokens to the authorization URL. Allowed values are id_token and token; they can also be combined (space-separated).

It would be nice if oidc-agent would directly support attaching these to the authorization_url. Alternatively, adding custom parameters to the authorization_url for such specialized use cases may be a more generic way to implement this.

@zachmann
Collaborator

I'm aware of this. And indeed I prefer a generic way to add custom parameters.

As a temporary workaround you can do the following:
So while the agent currently does not have support for custom parameters, it is still possible to get it working with the agent.

When the authorization URL is printed (and automatically opened):
  • ignore the opened one
  • copy the printed URL and append the parameter, e.g. "&claims_in_tokens=token". Rest as normal.
  • The ATs obtained from this account config now are fat with the additional parameters.


olifre commented Jan 15, 2024

  • ignore the opened one - copy the printed url and append the parameter, e.g. "&claims_in_tokens=token". Rest as normal. - The ATs obtained from this account config now are fat with the additional parameters.

Indeed, this is exactly what I am doing right now as a workaround — I just wanted to reflect the feature in an issue to get a more streamlined version for the future 😉. Thanks in advance, also for following up on these developments!
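
The manual workaround discussed in this thread (appending claims_in_tokens to the printed authorization URL), as an added example that is not code from oidc-agent or from either participant. The helper name, the sample URL and the https-only check are assumptions of this example; it accepts only the two values named in the issue and leaves every agent-generated parameter (state, PKCE challenge, redirect_uri) byte-for-byte unchanged.

```python
from urllib.parse import quote, unquote_plus, urlsplit, urlunsplit

ALLOWED_CLAIMS_IN_TOKENS = ("id_token", "token")  # the values named in the issue

# Constructed sample of a printed authorization URL (not a real endpoint or client).
SAMPLE_URL = ("https://idp.example.org/oauth2-as/oauth2-authz?response_type=code"
              "&client_id=constructed-client"
              "&redirect_uri=http%3A%2F%2Flocalhost%3A4242%2Fredirect"
              "&scope=openid%20profile&state=abc123&code_challenge_method=S256")


def add_claims_in_tokens(authorization_url, values):
    """Return authorization_url with claims_in_tokens set to `values`.

    Hypothetical helper for this example; `values` is a space-separated
    string or a list of strings.
    """
    if isinstance(values, str):
        values = values.split()
    values = list(dict.fromkeys(values))  # drop duplicates, keep order
    if not values:
        raise ValueError("at least one claims_in_tokens value is required")
    bad = [v for v in values if v not in ALLOWED_CLAIMS_IN_TOKENS]
    if bad:
        raise ValueError(f"unsupported claims_in_tokens value(s): {bad}")

    parts = urlsplit(authorization_url)
    # Assumption of this example: the authorization endpoint is served over https.
    if parts.scheme != "https" or not parts.netloc:
        raise ValueError("authorization URL must be an absolute https URL")

    # Work on the raw query string so existing parameters are not re-encoded.
    # Drop any claims_in_tokens already present so the key is never sent twice.
    kept = [p for p in parts.query.split("&")
            if p and unquote_plus(p.split("=", 1)[0]) != "claims_in_tokens"]
    # Percent-encode the space between combined values (id_token%20token).
    kept.append("claims_in_tokens=" + quote(" ".join(values), safe=""))
    # urlunsplit puts the parameter into the query even if a fragment is present.
    return urlunsplit(parts._replace(query="&".join(kept)))


if __name__ == "__main__":
    print(add_claims_in_tokens(SAMPLE_URL, "id_token token"))
```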
