Adds callback mode that is direct to vault

Author: DrDaveD

path_oidc.go

@@ -124,6 +124,26 @@ func pathOIDC(b *jwtAuthBackend) []*framework.Path {
 				},
 			},
 		},
+		{
+			Pattern: `oidc/poll`,
+			Fields: map[string]*framework.FieldSchema{
+				"state": {
+					Type: framework.TypeString,
+				},
+				"client_nonce": {
+					Type: framework.TypeString,
+				},
+			},
+			Operations: map[logical.Operation]framework.OperationHandler{
+				logical.UpdateOperation: &framework.PathOperation{
+					Callback: b.pathPoll,
+					Summary:  "Poll endpoint to complete an OIDC login.",
+
+					// state is cached so don't process OIDC logins on perf standbys
+					ForwardPerformanceStandby: true,
+				},
+			},
+		},
 		{
 			Pattern: `oidc/auth_url`,