fix: config name

conf/frpc_full.ini

@@ -51,10 +51,11 @@ oidc_audience =
 # It will be used to get an OIDC token if AuthenticationMethod == "oidc". By default, this value is "".
 oidc_token_endpoint_url =
 
-# oidc_additional_endpoint_params specifies additional parameters to be sent to the OIDC Token Endpoint.
+# oidc_additional_xxx specifies additional parameters to be sent to the OIDC Token Endpoint.
-# It will be used to get an OIDC token if AuthenticationMethod == "oidc". By default, this value is "".
+# For example, if you want to specify the "audience" parameter, you can set as follow.
-# If it's not empty, it should be a json string, like {"audience": ["https://dev.auth.com/api/v2/"]}
+# frp will add "audience=<value>" "var1=<value>" to the additional parameters.
-oidc_additional_endpoint_params = {"audience": ["https://dev.auth.com/api/v2/"], "scope": ["openid", "profile", "email"]}
+# oidc_additional_audience = https://dev.auth.com/api/v2/
+# oidc_additional_var1 = foobar
 
 # set admin address for control frpc's action by http api such as reload
 admin_addr = 127.0.0.1

pkg/auth/oidc.go

@@ -16,7 +16,6 @@ package auth
 
 import (
 	"context"
-	"encoding/json"
 	"fmt"
 
 	"github.com/fatedier/frp/pkg/msg"
@@ -43,16 +42,18 @@ type OidcClientConfig struct {
 	OidcTokenEndpointURL string `ini:"oidc_token_endpoint_url" json:"oidc_token_endpoint_url"`
 
 	// OidcAdditionalEndpointParams specifies additional parameters to be sent
-	// this field will be Unmarshal to map[string][]string
+	// this field will be transfer to map[string][]string in OIDC token generator
-	OidcAdditionalEndpointParams string `ini:"oidc_additional_endpoint_params" json:"oidc_additional_endpoint_params"`
+	// The field will be set by prefix "oidc_additional_"
+	OidcAdditionalEndpointParams map[string]string `ini:"-" json:"oidc_additional_endpoint_params"`
 }
 
 func getDefaultOidcClientConf() OidcClientConfig {
 	return OidcClientConfig{
-		OidcClientID:         "",
+		OidcClientID:                 "",
-		OidcClientSecret:     "",
+		OidcClientSecret:             "",
-		OidcAudience:         "",
+		OidcAudience:                 "",
-		OidcTokenEndpointURL: "",
+		OidcTokenEndpointURL:         "",
+		OidcAdditionalEndpointParams: make(map[string]string),
 	}
 }
 
@@ -94,11 +95,8 @@ type OidcAuthProvider struct {
 
 func NewOidcAuthSetter(baseCfg BaseConfig, cfg OidcClientConfig) *OidcAuthProvider {
 	eps := make(map[string][]string)
-	if cfg.OidcAdditionalEndpointParams != "" {
+	for k, v := range cfg.OidcAdditionalEndpointParams {
-		err := json.Unmarshal([]byte(cfg.OidcAdditionalEndpointParams), &eps)
+		eps[k] = []string{v}
-		if err != nil {
-			panic(err)
-		}
 	}
 
 	tokenGenerator := &clientcredentials.Config{

pkg/config/client.go

@@ -261,6 +261,8 @@ func UnmarshalClientConfFromIni(source interface{}) (ClientCommonConf, error) {
 	}
 
 	common.Metas = GetMapWithoutPrefix(s.KeysHash(), "meta_")
+	common.ClientConfig.OidcAdditionalEndpointParams = GetMapWithoutPrefix(s.KeysHash(), "oidc_additional_")
+
 	return common, nil
 }