Deprecate oidcclient.WithBrowserOpen() option, add simpler oidcclient.WithSkipBrowserOpen().

This is a more restrictive library interface that more closely matches the use cases of our new form_post login flow. Signed-off-by: Matt Moyer <moyerm@vmware.com>
2026-01-08 15:21:55 +00:00 · 2021-07-07 17:17:57 -05:00
parent 95ee9f0b00
commit ac6ff1a03c
2 changed files with 14 additions and 5 deletions
--- a/pkg/oidcclient/login.go
+++ b/pkg/oidcclient/login.go
@@ -158,6 +158,9 @@ func WithScopes(scopes []string) Option {

 // WithBrowserOpen overrides the default "open browser" functionality with a custom callback. If not specified,
 // an implementation using https://github.com/pkg/browser will be used by default.
+//
+// Deprecated: this option will be removed in a future version of Pinniped. See the
+// WithSkipBrowserOpen() option instead.
 func WithBrowserOpen(openURL func(url string) error) Option {
 	return func(h *handlerState) error {
 		h.openURL = openURL
@@ -165,6 +168,15 @@ func WithBrowserOpen(openURL func(url string) error) Option {
 	}
 }

+// WithSkipBrowserOpen causes the login to only print the authorize URL, but skips attempting to
+// open the user's default web browser.
+func WithSkipBrowserOpen() Option {
+	return func(h *handlerState) error {
+		h.openURL = func(_ string) error { return nil }
+		return nil
+	}
+}
+
 // SessionCacheKey contains the data used to select a valid session cache entry.
 type SessionCacheKey struct {
 	Issuer      string   `json:"issuer"`