Add support to SOCIAL_AUTH_OIDC_PROMPT and others

social_core/backends/open_id_connect.py

@@ -64,6 +64,14 @@
     USERINFO_URL = ""
     JWKS_URI = ""
     TOKEN_ENDPOINT_AUTH_METHOD = ""
+    # Optional parameters for Authentication Request
+    DISPLAY = None
+    PROMPT = None
+    MAX_AGE = None
+    UI_LOCALES = None
+    ID_TOKEN_HINT = None
+    LOGIN_HINT = None
+    ACR_VALUES = None
 
     def __init__(self, *args, **kwargs):
         self.id_token = None
@@ -131,6 +139,53 @@
         """Return extra arguments needed on auth process."""
         params = super().auth_params(state)
         params["nonce"] = self.get_and_store_nonce(self.authorization_url(), state)
+
+        display = self.setting("DISPLAY", default=self.DISPLAY)
+        if display is not None:
+            if not display:
+                raise ValueError("OpenID Connect display value cannot be empty string.")
+
+            if display not in ("page", "popup", "touch", "wap"):
+                raise ValueError(f"Invalid OpenID Connect display value: {display}")
+
+            params["display"] = display
+
+        prompt = self.setting("PROMPT", default=self.PROMPT)
+        if prompt is not None:
+            if not prompt:
+                raise ValueError("OpenID Connect prompt value cannot be empty string.")
+
+            for prompt_token in prompt.split():
+                if prompt_token not in ("none", "login", "consent", "select_account"):
+                    raise ValueError(
+                        f"Invalid OpenID Connect prompt value: {prompt_token}"
+                    )
+
+            params["prompt"] = prompt
+
+        max_age = self.setting("MAX_AGE", default=self.MAX_AGE)
+        if max_age is not None:
+            if max_age < 0:
+                raise ValueError("OpenID Connect max_age cannot be negative.")
+
+            params["max_age"] = max_age
+
+        ui_locales = self.setting("UI_LOCALES", default=self.UI_LOCALES)
+        if ui_locales is not None:
+            raise ValueError("OpenID Connect ui_locales is not implemented.")
+
+        id_token_hint = self.setting("ID_TOKEN_HINT", default=self.ID_TOKEN_HINT)
+        if id_token_hint is not None:
+            raise ValueError("OpenID Connect id_token_hint is not implemented.")
+
+        login_hint = self.setting("LOGIN_HINT", default=self.LOGIN_HINT)
+        if login_hint is not None:
+            raise ValueError("OpenID Connect login_hint is not implemented.")
+
+        acr_values = self.setting("ACR_VALUES", default=self.ACR_VALUES)
+        if acr_values is not None:
+            raise ValueError("OpenID Connect acr_values is not implemented.")
+
         return params
 
     def get_and_store_nonce(self, url, state):