Adds callback mode that is direct to vault

Author: DrDaveD

cli.go

@@ -187,6 +187,26 @@ func (h *CLIHandler) Auth(c *api.Client, m map[string]string) (*api.Secret, erro
 		}
 	}
 
+	if callbackMode == "direct" {
+		data := map[string]interface{}{
+			"state":        state,
+			"client_nonce": clientNonce,
+		}
+		pollUrl := fmt.Sprintf("auth/%s/oidc/poll", mount)
+		for {
+			time.Sleep(time.Duration(interval) * time.Second)
+
+			secret, err := c.Logical().Write(pollUrl, data)
+			if err == nil {
+				return secret, nil
+			}
+			if !strings.HasSuffix(err.Error(), "authorization_pending") {
+				return nil, err
+			}
+			// authorization is pending, try again
+		}
+	}
+
 	// Start local server
 	go func() {
 		err := http.Serve(listener, nil)