By: ved singh user 06 Jan 2018 at 9:56 p.m. CST

5 Responses
ved singh gravatar
Hi, Is it possible to redirect to Gluu login page from service provider website and pass in a query parameter.Currently the parameter is lost. So after redirect when user lands on gluu idp login page it looks something like this: https://<idp-gluu-host>/oxauth/login?hash=vhFp2H3EcRDIjWkQ== Thanks.

By Thomas Gasmyr Mougang staff 07 Jan 2018 at 2:02 a.m. CST

Thomas Gasmyr Mougang gravatar
Hi, Can you provide more information. What are you attempting to do with that parameter? Why to you want to redirect to **Gluu** login page with a parameter? Please be more specific so that we can help.

By ved singh user 07 Jan 2018 at 6:22 p.m. CST

ved singh gravatar
Thanks Thomas for replying and apologies for been vague. This token will be generated by SP which will used to identify some condition and context.For things like: - Putting contextual message on login screen - To post/get data from/to the SP. For example to implement remember-me use case, we plan to store this token in cookie and on page load this token will be used to fetch user data from SP and then do auto-submit. Thanks

By Michael Schwartz staff 08 Jan 2018 at 1:53 p.m. CST

Michael Schwartz gravatar
Depends what version you are using. In version 3.1.1 I think it's supported. I know it will be supported in version 3.1.2 As a workaround, you can send a JSON object as the state param. For example: ``` state={"salt":"abc123", "param1":"spam", "param2":"eggs"} ``` It's important to have a random salt value, so the state param is not static or guessable. You can pick up the state param in a custom authentication script, like the [Passport authn script](https://github.com/GluuFederation/oxAuth/blob/master/Server/integrations/passport/PassportExternalAuthenticator.py) ``` identity = CdiUtil.bean(Identity) sessionId = identity.getSessionId() sessionAttribute = sessionId.getSessionAttributes() print "session %s" % sessionAttribute oldState = sessionAttribute.get("state") ```

By ved singh user 08 Jan 2018 at 11:29 p.m. CST

ved singh gravatar
Thanks Michael. Quick question - how do I set the state param? The state is passed to Gluu as a query parameter. Is it that any query parameter added to Gluu login url gets added to sessionAttribute? Is yes, then I should be able to get the value like this: ``` <h:outputLabel styleClass="control-label" value="#{identity.sessionId.sessionAttributes['state']}" /> ```

By Thomas Gasmyr Mougang staff 09 Jan 2018 at 2:25 p.m. CST

Thomas Gasmyr Mougang gravatar
Hi Ved, Here is a simple request: https://gluu.gasmyr.com/oxauth/restv1/authorize?response_type=code&scope=openid%20profile%20email&client_id=%40!29D2.E032.E092.C475!0001!D895.0D17!0008!2123.2050.07CF.A7E4&state=8UwGdSPw1fpIPnAdpP38Vq61Z08&redirect_uri=https%3A%2F%2Foic.gasmyr.com%2Fcallback&nonce=EItbfI0bCJls96OWSdk0m28bOSTQAWtMP93tJCRQLls As you can see there is a parameter named **state** in that request. As Michael states **you can send that state parameter as a JSON object**. Changing state parameter to JSON object allow to you to add one or more custom parameters as json field and use **custom authentication script** to retrieve theses values on Gluu server side. This mean that custom authentication knows about the state parameter and all you have to do is get that parameter and retrieve the fields you have added. Thanks!