From 01aec28467b57647e9f628b6df704fd8d05f3a5e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Cl=C3=A9ment=20Oudot?=
Date: Wed, 1 Apr 2015 13:00:31 +0000
Subject: [PATCH] Use prompt (#183)
---
 .../lib/Lemonldap/NG/Common/Conf/SubAttributes.pm | 7 +++++++
 lemonldap-ng-manager/lib/Lemonldap/NG/Manager/_Struct.pm | 4 +++-
 lemonldap-ng-manager/lib/Lemonldap/NG/Manager/_i18n.pm | 2 ++
 .../lib/Lemonldap/NG/Portal/_OpenIDConnect.pm | 4 ++++
 4 files changed, 16 insertions(+), 1 deletion(-)
diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/SubAttributes.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/SubAttributes.pm
index 157a2ded0..eecf134c7 100644
--- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/SubAttributes.pm
+++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/SubAttributes.pm
@@ -93,6 +93,13 @@ has 'oidcOPMetaDataOptionsJWKSTimeout' => (
 documentation => "OIDC OP JWKS data refresh interval",
 );
 
+has 'oidcOPMetaDataOptionsPrompt' => (
+ is => 'rw',
+ isa => 'Str|Undef',
+ default => undef,
+ documentation => "OIDC OP prompt",
+);
+
 has 'oidcOPMetaDataOptionsScope' => (
 is => 'rw',
 isa => 'Str',
diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/_Struct.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/_Struct.pm
index 69fec9ef3..456aaf249 100644
--- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/_Struct.pm
+++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/_Struct.pm
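Review bot: The new `oidcOPMetaDataOptionsPrompt` attribute in SubAttributes.pm is typed `Str|Undef`, so any string stored in the configuration is accepted and later sent to the OP unchanged. OpenID Connect Core defines `prompt` as a space-delimited list drawn from `none`, `login`, `consent` and `select_account`, with `none` not combinable with the others, and nothing here states or enforces that. At minimum the documentation string should carry the allowed values, e.g. `documentation => "OIDC OP prompt (space-separated: none, login, consent, select_account)",`. A constrained type would also catch a typo such as `logon`, which an OP may ignore or reject, so a re-authentication the administrator meant to force might not happen.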
@@ -287,12 +287,14 @@ sub cstruct {
 },
 oidcOPMetaDataOptionsProtocol => {
 _nodes => [
- qw(oidcOPMetaDataOptionsScope oidcOPMetaDataOptionsDisplay oidcOPMetaDataOptionsTokenEndpointAuthMethod oidcOPMetaDataOptionsCheckJWTSignature)
+ qw(oidcOPMetaDataOptionsScope oidcOPMetaDataOptionsDisplay oidcOPMetaDataOptionsPrompt oidcOPMetaDataOptionsTokenEndpointAuthMethod oidcOPMetaDataOptionsCheckJWTSignature)
 ],
 oidcOPMetaDataOptionsScope =>
 "text:/oidcOPMetaDataOptions/$k2/oidcOPMetaDataOptionsScope",
 oidcOPMetaDataOptionsDisplay =>
 "text:/oidcOPMetaDataOptions/$k2/oidcOPMetaDataOptionsDisplay",
+ oidcOPMetaDataOptionsPrompt =>
+"text:/oidcOPMetaDataOptions/$k2/oidcOPMetaDataOptionsPrompt",
 oidcOPMetaDataOptionsTokenEndpointAuthMethod =>
 "text:/oidcOPMetaDataOptions/$k2/oidcOPMetaDataOptionsTokenEndpointAuthMethod",
 oidcOPMetaDataOptionsCheckJWTSignature =>
diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/_i18n.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/_i18n.pm
index 9dfe89506..7a53f9176 100644
--- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/_i18n.pm
+++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/_i18n.pm
@@ -280,6 +280,7 @@ sub en {
 oidcOPMetaDataOptionsDisplayName => 'Display name',
 oidcOPMetaDataOptionsIcon => 'Logo',
 oidcOPMetaDataOptionsJWKSTimeout => 'JWKS data timeout',
+ oidcOPMetaDataOptionsPrompt => 'Prompt',
 oidcOPMetaDataOptionsProtocol => 'Protocol',
 oidcOPMetaDataOptionsScope => 'Scope',
 oidcOPMetaDataOptionsTokenEndpointAuthMethod =>
@@ -844,6 +845,7 @@ sub fr {
 oidcOPMetaDataOptionsDisplayName => 'Nom d\'affichage',
 oidcOPMetaDataOptionsIcon => 'Logo',
 oidcOPMetaDataOptionsJWKSTimeout => 'Durée de vie des données JWKS',
+ oidcOPMetaDataOptionsPrompt => 'Interaction',
 oidcOPMetaDataOptionsProtocol => 'Protocole',
 oidcOPMetaDataOptionsScope => 'Étendue',
 oidcOPMetaDataOptionsTokenEndpointAuthMethod =>
diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/_OpenIDConnect.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/_OpenIDConnect.pm
index 032ce4c97..9a656f591 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/_OpenIDConnect.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/_OpenIDConnect.pm
@@ -235,6 +235,8 @@ sub buildAuthorizationCodeAuthnRequest {
 my $nonce = $nonceSession->id;
 my $display =
 $self->{oidcOPMetaDataOptions}->{$op}->{oidcOPMetaDataOptionsDisplay};
+ my $prompt =
+ $self->{oidcOPMetaDataOptions}->{$op}->{oidcOPMetaDataOptionsPrompt};
 
 $client_id = uri_escape($client_id);
 $scope = uri_escape($scope);
@@ -243,6 +245,7 @@ sub buildAuthorizationCodeAuthnRequest {
 $state = uri_escape($state) if defined $state;
 $nonce = uri_escape($nonce);
 $display = uri_escape($display) if defined $display;
+ $prompt = uri_escape($prompt) if defined $prompt;
 
 my $authn_uri = $authorize_uri;
 $authn_uri .= ( $authorize_uri =~ /\?/ ? '&' : '?' );
@@ -253,6 +256,7 @@ sub buildAuthorizationCodeAuthnRequest {
 $authn_uri .= "&state=$state" if defined $state;
 $authn_uri .= "&nonce=$nonce" if defined $nonce;
 $authn_uri .= "&display=$display" if defined $display;
+ $authn_uri .= "&prompt=$prompt" if defined $prompt;
 
 $self->lmLog(
 "OpenIDConnect Authorization Code Flow Authn Request: $authn_uri",
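Review bot: In `buildAuthorizationCodeAuthnRequest` the added lines test only `defined $prompt`, so an empty string yields a bare `&prompt=` in the authorization request; the Manager's `text:` field presumably stores one when the box is cleared, though that is not visible here. Guard on content as well, `$authn_uri .= "&prompt=$prompt" if defined $prompt and length $prompt;`, and use the same condition on the `uri_escape` line in the second hunk. The value is administrator-supplied and escaped before use, so this concerns a malformed request rather than injection; the existing `display` handling has the same shape. The function body starts and ends outside these hunks.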