feat: Add support for an authorize URL override (#854)

Co-authored-by: Desu Sai Venkat <[email protected]>
auth0 · Jun 19, 2024 · f5005cb · f5005cb
1 parent 1c3e758
commit f5005cb
Show file tree

Hide file tree

Showing 3 changed files with 27 additions and 1 deletion.
diff --git a/Auth0/Auth0WebAuth.swift b/Auth0/Auth0WebAuth.swift
@@ -28,6 +28,7 @@ final class Auth0WebAuth: WebAuth {
     private(set) var maxAge: Int?
     private(set) var organization: String?
     private(set) var invitationURL: URL?
+    private(set) var overrideAuthorizeURL: URL?
     private(set) var provider: WebAuthProvider?
     private(set) var onCloseCallback: (() -> Void)?
 
@@ -102,6 +103,11 @@ final class Auth0WebAuth: WebAuth {
         return self
     }
 
+    func authorizeURL(_ authorizeURL: URL) -> Self {
+        self.overrideAuthorizeURL = authorizeURL
+        return self
+    }
+
     func nonce(_ nonce: String) -> Self {
         self.nonce = nonce
         return self
@@ -245,7 +251,7 @@ final class Auth0WebAuth: WebAuth {
                            state: String?,
                            organization: String?,
                            invitation: String?) -> URL {
-        let authorize = URL(string: "authorize", relativeTo: self.url)!
+        let authorize = self.overrideAuthorizeURL ?? URL(string: "authorize", relativeTo: self.url)!
         var components = URLComponents(url: authorize, resolvingAgainstBaseURL: true)!
         var items: [URLQueryItem] = []
         var entries = defaults

diff --git a/Auth0/WebAuth.swift b/Auth0/WebAuth.swift
@@ -93,6 +93,12 @@ public protocol WebAuth: Trackable, Loggable {
     /// - Returns: The same `WebAuth` instance to allow method chaining.
     func redirectURL(_ redirectURL: URL) -> Self
 
+    /// Specify a custom authorize URL to be used.
+    ///
+    /// - Parameter authorizeURL: Custom authorize URL.
+    /// - Returns: The same `WebAuth` instance to allow method chaining.
+    func authorizeURL(_ authorizeURL: URL) -> Self
+
     /// Specify an audience name for the API that your application will call using the access token returned after
     /// authentication.
     /// This value must match the **API Identifier** displayed in the APIs section of the [Auth0 Dashboard](https://manage.auth0.com/#/apis).

diff --git a/Auth0Tests/WebAuthSpec.swift b/Auth0Tests/WebAuthSpec.swift
@@ -283,6 +283,16 @@ class WebAuthSpec: QuickSpec {
                 ]
             }
 
+            itBehavesLike(ValidAuthorizeURLExample) {
+                return [
+                    "url": newWebAuth()
+                        .authorizeURL(URL(string: "https://example.com/authorize")!)
+                        .buildAuthorizeURL(withRedirectURL: RedirectURL, defaults: defaults, state: State, organization: nil, invitation: nil),
+                    "domain": "example.com",
+                    "query": defaultQuery(),
+                ]
+            }
+
             context("encoding") {
 
                 it("should encode + as %2B"){
@@ -294,6 +304,10 @@ class WebAuthSpec: QuickSpec {
 
             }
 
+            it("should build with a custom authorize url") {
+                let url = URL(string: "https://example.com/authorize")!
+                expect(newWebAuth().authorizeURL(url).overrideAuthorizeURL) == url
+            }
         }
 
         describe("redirect uri") {