Add support for defining custom query parameters for OIDC endpoints

Fixes https://jira.coreos.com/browse/QUAY-886

oauth/oidc.py

@@ -2,6 +2,7 @@ import time
 import json
 import logging
 import urlparse
+import urllib
 
 import jwt
 
@@ -65,13 +66,35 @@ class OIDCLoginService(OAuthService):
     return list(set(login_scopes) & set(supported_scopes))
 
   def authorize_endpoint(self):
-    return self._oidc_config().get('authorization_endpoint', '') + '?response_type=code&'
+    return self._get_endpoint('authorization_endpoint', response_type='code')
 
   def token_endpoint(self):
-    return self._oidc_config().get('token_endpoint')
+    return self._get_endpoint('token_endpoint')
 
   def user_endpoint(self):
-    return self._oidc_config().get('userinfo_endpoint')
+    return self._get_endpoint('userinfo_endpoint')
+
+  def _get_endpoint(self, endpoint_key, **kwargs):
+    """ Returns the OIDC endpoint with the given key found in the OIDC discovery
+        document, with the given kwargs added as query parameters. Additionally,
+        any defined parameters found in the OIDC configuration block are also
+        added.
+    """
+    endpoint = self._oidc_config().get(endpoint_key, '')
+    if not endpoint:
+      return None
+
+    (scheme, netloc, path, query, fragment) = urlparse.urlsplit(endpoint)
+
+    # Add the query parameters from the kwargs and the config.
+    custom_parameters = self.config.get('OIDC_ENDPOINT_CUSTOM_PARAMS', {}).get(endpoint_key, {})
+
+    query_params = urlparse.parse_qs(query, keep_blank_values=True)
+    query_params.update(kwargs)
+    query_params.update(custom_parameters)
+
+    updated_query = urllib.urlencode(query_params)
+    return urlparse.urlunsplit((scheme, netloc, path, updated_query, fragment))
 
   def validate(self):
     return bool(self.get_login_scopes())