feat: add authorization url customization

kalinjul · Jun 18, 2024 · 0f783b4 · 0f783b4
1 parent d86b250
commit 0f783b4
Show file tree

Hide file tree

Showing 6 changed files with 81 additions and 9 deletions.
diff --git a/README.md b/README.md
@@ -142,6 +142,16 @@ client.endSession(idToken = idToken) {
 }
 ```
 
+```kotlin
+val tokens = flow.getAccessToken(configureAuthUrl = {
+    // customize url that is passed to browser for authorization requests
+    parameters.append("prompt", "login")
+}, configureTokenExchange = {
+    // customize token exchange http request
+    header("additionalHeaderField", "value")
+})
+```
+
 # JWT Parsing
 We provide simple JWT parsing (without any validation):
 ```kotlin

diff --git a/docs/ios/README.md b/docs/ios/README.md
@@ -91,6 +91,17 @@ try await client.endSession(idToken: idToken) { requestBuilder in
 }
 ```
 
+```swift
+try await flow.getAccessToken(
+    configureAuthUrl: { urlBuilder in
+        urlBuilder.parameters.append(name: "prompt", value: "login")
+    },
+    configureTokenExchange: { requestBuilder in
+            requestBuilder.headers.append(name: "additionalHeaderField", value: "value")
+    }
+)
+```
+
 # JWT Parsing
 We provide simple JWT parsing:
 ```swift

diff --git a/oidc-appsupport/src/androidUnitTest/kotlin/README.kt b/oidc-appsupport/src/androidUnitTest/kotlin/README.kt
@@ -1,5 +1,6 @@
 import android.os.Bundle
 import androidx.activity.ComponentActivity
+import io.ktor.client.request.header
 import org.publicvalue.multiplatform.oidc.ExperimentalOpenIdConnect
 import org.publicvalue.multiplatform.oidc.OpenIdConnectClient
 import org.publicvalue.multiplatform.oidc.appsupport.AndroidCodeAuthFlowFactory
@@ -75,6 +76,16 @@ object README {
         }
     }
 
+    // Custom parameters in authorization request / exchange token request
+    suspend fun `Custom auth request`() {
+        val flow = authFlowFactory.createAuthFlow(client)
+        val tokens = flow.getAccessToken(configureAuthUrl = {
+            parameters.append("prompt", "login")
+        }, configureTokenExchange = {
+            header("additionalHeaderField", "value")
+        })
+    }
+
     // We provide simple JWT parsing
     fun `We_provide_simple_JWT_parsing`() {
         val tokens = AccessTokenResponse("abc")

diff --git a/oidc-core/src/commonMain/kotlin/org/publicvalue/multiplatform/oidc/flows/CodeAuthFlow.kt b/oidc-core/src/commonMain/kotlin/org/publicvalue/multiplatform/oidc/flows/CodeAuthFlow.kt
@@ -1,6 +1,7 @@
 package org.publicvalue.multiplatform.oidc.flows
 
 import io.ktor.client.request.HttpRequestBuilder
+import io.ktor.http.URLBuilder
 import org.publicvalue.multiplatform.oidc.OpenIdConnectClient
 import org.publicvalue.multiplatform.oidc.OpenIdConnectException
 import org.publicvalue.multiplatform.oidc.types.AuthCodeRequest
@@ -29,7 +30,7 @@ abstract class CodeAuthFlow(val client: OpenIdConnectClient) {
      */
     @Suppress("unused")
     @Throws(CancellationException::class, OpenIdConnectException::class)
-    suspend fun getAccessToken(): AccessTokenResponse = getAccessToken(null)
+    suspend fun getAccessToken(): AccessTokenResponse = getAccessToken(null, null)
 
     /**
      * Start the authorization flow to request an access token.
@@ -39,12 +40,30 @@ abstract class CodeAuthFlow(val client: OpenIdConnectClient) {
      */
     @Suppress("unused")
     @Throws(CancellationException::class, OpenIdConnectException::class)
-    suspend fun getAccessToken(configure: (HttpRequestBuilder.() -> Unit)? = null): AccessTokenResponse = wrapExceptions {
+    @Deprecated(
+        message = "Use getAccessToken(configureAuthUrl, configureTokenExchange) instead",
+        replaceWith = ReplaceWith("getAccessToken(configureAuthUrl = null, configureTokenExchange = configure)")
+    )
+    suspend fun getAccessToken(configure: (HttpRequestBuilder.() -> Unit)? = null): AccessTokenResponse = getAccessToken(null, configure)
+
+    /**
+     * Start the authorization flow to request an access token.
+     *
+     * @param configureAuthUrl configuration closure to configure the auth url passed to browser
+     * @param configureTokenExchange configuration closure to configure the http request builder with (will _not_
+     * be used for discovery if necessary)
+     */
+    @Suppress("unused")
+    @Throws(CancellationException::class, OpenIdConnectException::class)
+    suspend fun getAccessToken(
+        configureAuthUrl: (URLBuilder.() -> Unit)? = null,
+        configureTokenExchange: (HttpRequestBuilder.() -> Unit)? = null
+    ): AccessTokenResponse = wrapExceptions {
         if (!client.config.discoveryUri.isNullOrEmpty()) {
             client.discover()
         }
-        val request = client.createAuthorizationCodeRequest()
-        return getAccessToken(request, configure)
+        val request = client.createAuthorizationCodeRequest(configureAuthUrl)
+        return getAccessToken(request, configureTokenExchange)
     }
 
     private suspend fun getAccessToken(request: AuthCodeRequest, configure: (HttpRequestBuilder.() -> Unit)?): AccessTokenResponse {

diff --git a/sample-app/ios-app/iosApp/Readme.swift b/sample-app/ios-app/iosApp/Readme.swift
@@ -66,14 +66,31 @@ struct Readme {
 
     // Perform refresh or endSession:
     func _3() async throws {
-        try await client.refreshToken(refreshToken: "") { builder in
-            builder.headers.append(name: "Accept", value: "application/json")
-            builder.build()
-        }
         try await client.refreshToken(refreshToken: tokens.refresh_token!)
         try await client.endSession(idToken: tokens.id_token!)
     }
 
+    // customize endSession request:
+    func _3a() async throws {
+        try await client.endSession(idToken: "") { requestBuilder in
+            requestBuilder.headers.append(name: "X-CUSTOM-HEADER", value: "value")
+            requestBuilder.url.parameters.append(name: "custom_parameter", value: "value")
+        }
+    }
+
+    // customize getAccessToken request:
+    func _3b() async throws {
+        let flow = CodeAuthFlow(client: client)
+        try await flow.getAccessToken(
+            configureAuthUrl: { urlBuilder in
+                urlBuilder.parameters.append(name: "prompt", value: "login")
+            },
+            configureTokenExchange: { requestBuilder in
+                requestBuilder.headers.append(name: "additionalHeaderField", value: "value")
+            }
+        )
+    }
+
     // We provide simple JWT parsing:
     func _4() {
         let jwt = tokens.id_token.map { try! JwtParser.shared.parse(from: $0) }

diff --git a/...red/src/commonMain/kotlin/org/publicvalue/multiplatform/oidc/sample/home/HomePresenter.kt b/...red/src/commonMain/kotlin/org/publicvalue/multiplatform/oidc/sample/home/HomePresenter.kt
@@ -89,7 +89,11 @@ class HomePresenter(
                     if (client != null) {
                         scope.launch {
                             catchErrorMessage {
-                                val newTokens = authFlowFactory.createAuthFlow(client).getAccessToken()
+                                val newTokens = authFlowFactory.createAuthFlow(client).getAccessToken(
+                                    configureAuthUrl = {
+                                        parameters.append("prompt", "login")
+                                    }
+                                )
                                 updateTokenResponse(newTokens)
                             }
                         }