From b6f6303d1ff0a80f4b4f16d92e022e779b16ec83 Mon Sep 17 00:00:00 2001
From: Stavros <steveiliop56@gmail.com>
Date: Fri, 19 Jun 2026 13:42:09 +0300
Subject: [PATCH] fix: use slice for oidc prompt parsing and checking

---
 internal/controller/oidc_controller.go | 11 ++++++++---
 internal/service/oidc_service.go       | 17 +++++++++--------
 2 files changed, 17 insertions(+), 11 deletions(-)

diff --git a/internal/controller/oidc_controller.go b/internal/controller/oidc_controller.go
index 917fc3f6..af7c41ce 100644
--- a/internal/controller/oidc_controller.go
+++ b/internal/controller/oidc_controller.go
@@ -168,7 +168,7 @@ func (controller *OIDCController) authorize(c *gin.Context) {
 		return
 	}
 
-	prompt := controller.oidc.GetPrompt(req.Prompt)
+	prompts := controller.oidc.GetPrompt(req.Prompt)
 
 	userContext, err := new(model.UserContext).NewFromGin(c)
 
@@ -178,7 +178,7 @@ func (controller *OIDCController) authorize(c *gin.Context) {
 		}
 	}
 
-	if (err != nil || !userContext.Authenticated) && prompt == service.OIDCPromptNone {
+	if (err != nil || !userContext.Authenticated) && slices.Contains(prompts, service.OIDCPromptNone) {
 		controller.authorizeError(c, authorizeErrorParams{
 			err:           errors.New("user not logged in"),
 			reason:        "User not logged in",
@@ -197,7 +197,12 @@ func (controller *OIDCController) authorize(c *gin.Context) {
 		OIDCTicket: ticket,
 		OIDCScope:  req.Scope,
 		OIDCName:   client.Name,
-		OIDCPrompt: prompt,
+	}
+
+	if slices.Contains(prompts, service.OIDCPromptLogin) {
+		values.OIDCPrompt = service.OIDCPromptLogin
+	} else if slices.Contains(prompts, service.OIDCPromptNone) {
+		values.OIDCPrompt = service.OIDCPromptNone
 	}
 
 	queries, err := query.Values(values)
diff --git a/internal/service/oidc_service.go b/internal/service/oidc_service.go
index 1ec4d213..b274db81 100644
--- a/internal/service/oidc_service.go
+++ b/internal/service/oidc_service.go
@@ -947,19 +947,20 @@ func (service *OIDCService) DecodeAuthorizeJWT(tokenString string) (*AuthorizeRe
 	}, nil
 }
 
-// Return the first prompt in the list of prompts, or an empty string if no prompt is specified
-func (service *OIDCService) GetPrompt(prompt string) OIDCPrompt {
+func (service *OIDCService) GetPrompt(prompt string) []OIDCPrompt {
 	if prompt == "" {
-		return ""
+		return []OIDCPrompt{}
 	}
 
-	prompts := strings.Split(prompt, " ")
+	parsedPromps := make([]OIDCPrompt, 0)
+	prompts := strings.SplitSeq(prompt, " ")
 
-	for _, p := range prompts {
-		if slices.Contains(SupportedPrompts, p) {
-			return OIDCPrompt(p)
+	for p := range prompts {
+		if !slices.Contains(SupportedPrompts, p) {
+			continue
 		}
+		parsedPromps = append(parsedPromps, OIDCPrompt(p))
 	}
 
-	return ""
+	return parsedPromps
 }