From f5005cb1a079f68203087163b08455906d4dcd34 Mon Sep 17 00:00:00 2001
From: Eric Horacek <horacek.eric@gmail.com>
Date: Wed, 19 Jun 2024 03:56:00 -0700
Subject: [PATCH] feat: Add support for an authorize URL override (#854)

Co-authored-by: Desu Sai Venkat <48179357+desusai7@users.noreply.github.com>
---
 Auth0/Auth0WebAuth.swift     |  8 +++++++-
 Auth0/WebAuth.swift          |  6 ++++++
 Auth0Tests/WebAuthSpec.swift | 14 ++++++++++++++
 3 files changed, 27 insertions(+), 1 deletion(-)

diff --git a/Auth0/Auth0WebAuth.swift b/Auth0/Auth0WebAuth.swift
index 752b93dd..3564fa9f 100644
--- a/Auth0/Auth0WebAuth.swift
+++ b/Auth0/Auth0WebAuth.swift
@@ -28,6 +28,7 @@ final class Auth0WebAuth: WebAuth {
     private(set) var maxAge: Int?
     private(set) var organization: String?
     private(set) var invitationURL: URL?
+    private(set) var overrideAuthorizeURL: URL?
     private(set) var provider: WebAuthProvider?
     private(set) var onCloseCallback: (() -> Void)?
 
@@ -102,6 +103,11 @@ final class Auth0WebAuth: WebAuth {
         return self
     }
 
+    func authorizeURL(_ authorizeURL: URL) -> Self {
+        self.overrideAuthorizeURL = authorizeURL
+        return self
+    }
+
     func nonce(_ nonce: String) -> Self {
         self.nonce = nonce
         return self
@@ -245,7 +251,7 @@ final class Auth0WebAuth: WebAuth {
                            state: String?,
                            organization: String?,
                            invitation: String?) -> URL {
-        let authorize = URL(string: "authorize", relativeTo: self.url)!
+        let authorize = self.overrideAuthorizeURL ?? URL(string: "authorize", relativeTo: self.url)!
         var components = URLComponents(url: authorize, resolvingAgainstBaseURL: true)!
         var items: [URLQueryItem] = []
         var entries = defaults
diff --git a/Auth0/WebAuth.swift b/Auth0/WebAuth.swift
index 3fee5027..be81b797 100644
--- a/Auth0/WebAuth.swift
+++ b/Auth0/WebAuth.swift
@@ -93,6 +93,12 @@ public protocol WebAuth: Trackable, Loggable {
     /// - Returns: The same `WebAuth` instance to allow method chaining.
     func redirectURL(_ redirectURL: URL) -> Self
 
+    /// Specify a custom authorize URL to be used.
+    ///
+    /// - Parameter authorizeURL: Custom authorize URL.
+    /// - Returns: The same `WebAuth` instance to allow method chaining.
+    func authorizeURL(_ authorizeURL: URL) -> Self
+
     /// Specify an audience name for the API that your application will call using the access token returned after
     /// authentication.
     /// This value must match the **API Identifier** displayed in the APIs section of the [Auth0 Dashboard](https://manage.auth0.com/#/apis).
diff --git a/Auth0Tests/WebAuthSpec.swift b/Auth0Tests/WebAuthSpec.swift
index 54b6e362..e36dcda0 100644
--- a/Auth0Tests/WebAuthSpec.swift
+++ b/Auth0Tests/WebAuthSpec.swift
@@ -283,6 +283,16 @@ class WebAuthSpec: QuickSpec {
                 ]
             }
 
+            itBehavesLike(ValidAuthorizeURLExample) {
+                return [
+                    "url": newWebAuth()
+                        .authorizeURL(URL(string: "https://example.com/authorize")!)
+                        .buildAuthorizeURL(withRedirectURL: RedirectURL, defaults: defaults, state: State, organization: nil, invitation: nil),
+                    "domain": "example.com",
+                    "query": defaultQuery(),
+                ]
+            }
+
             context("encoding") {
                 
                 it("should encode + as %2B"){
@@ -294,6 +304,10 @@ class WebAuthSpec: QuickSpec {
                 
             }
 
+            it("should build with a custom authorize url") {
+                let url = URL(string: "https://example.com/authorize")!
+                expect(newWebAuth().authorizeURL(url).overrideAuthorizeURL) == url
+            }
         }
 
         describe("redirect uri") {