diff --git a/src/main/java/com/microsoft/jenkins/azuread/AzureSecurityRealm.java b/src/main/java/com/microsoft/jenkins/azuread/AzureSecurityRealm.java index 56ba2ecc..6c296f2a 100644 --- a/src/main/java/com/microsoft/jenkins/azuread/AzureSecurityRealm.java +++ b/src/main/java/com/microsoft/jenkins/azuread/AzureSecurityRealm.java @@ -123,6 +123,7 @@ public class AzureSecurityRealm extends SecurityRealm { private static final int BAD_REQUEST = 400; public static final String CONVERTER_DISABLE_GRAPH_INTEGRATION = "disableGraphIntegration"; public static final String CONVERTER_SINGLE_LOGOUT = "singleLogout"; + public static final String CONVERTER_PROMPT_ACCOUNT = "promptAccount"; public static final String CONVERTER_ENVIRONMENT_NAME = "environmentName"; private Cache caches; @@ -132,6 +133,7 @@ public class AzureSecurityRealm extends SecurityRealm { private Secret tenant; private int cacheDuration; private boolean fromRequest = false; + private boolean promptAccount; private boolean singleLogout; private boolean disableGraphIntegration; private String azureEnvironmentName = "Azure"; @@ -162,6 +164,14 @@ ClientSecretCredential getClientSecretCredential() { .build(); } + public boolean isPromptAccount() { + return promptAccount; + } + + @DataBoundSetter + public void setPromptAccount(boolean promptAccount) { + this.promptAccount = promptAccount; + } public boolean isSingleLogout() { return singleLogout; @@ -317,6 +327,9 @@ public HttpResponse doCommenceLogin(StaplerRequest request, @Header("Referer") f Map additionalParams = new HashMap<>(); additionalParams.put("nonce", nonce); additionalParams.put("response_mode", "form_post"); + if (promptAccount) { + additionalParams.put("prompt", "select_account"); + } return new HttpRedirect(service.getAuthorizationUrl(additionalParams)); } @@ -631,6 +644,10 @@ public void marshal(Object source, HierarchicalStreamWriter writer, MarshallingC writer.setValue(String.valueOf(realm.isDisableGraphIntegration())); writer.endNode(); + writer.startNode(CONVERTER_PROMPT_ACCOUNT); + writer.setValue(String.valueOf(realm.isPromptAccount())); + writer.endNode(); + writer.startNode(CONVERTER_SINGLE_LOGOUT); writer.setValue(String.valueOf(realm.isSingleLogout())); writer.endNode(); @@ -665,6 +682,9 @@ public Object unmarshal(HierarchicalStreamReader reader, UnmarshallingContext co case CONVERTER_DISABLE_GRAPH_INTEGRATION: realm.setDisableGraphIntegration(Boolean.parseBoolean(value)); break; + case CONVERTER_PROMPT_ACCOUNT: + realm.setPromptAccount(Boolean.parseBoolean(value)); + break; case CONVERTER_SINGLE_LOGOUT: realm.setSingleLogout(Boolean.parseBoolean(value)); break; diff --git a/src/main/resources/com/microsoft/jenkins/azuread/AzureSecurityRealm/config.jelly b/src/main/resources/com/microsoft/jenkins/azuread/AzureSecurityRealm/config.jelly index 0f345ac4..4f526352 100644 --- a/src/main/resources/com/microsoft/jenkins/azuread/AzureSecurityRealm/config.jelly +++ b/src/main/resources/com/microsoft/jenkins/azuread/AzureSecurityRealm/config.jelly @@ -30,6 +30,10 @@ + + + +