Custom authority url param added to authorize

src/auth/index.js

@@ -54,13 +54,15 @@ export default class Auth {
    * @param {String} parameters.scope a space-separated list of scopes that you want the user to consent to.
    * @param {String} parameters.prompt (optional) indicates the type of user interaction that is required.
    *    The only valid values at this time are 'login', 'none', and 'consent'.
+   * @param {String} parameters.authorityUrl (optional)the authorityUrl for signup or other flows directly
    * @returns {String} authorize url with specified parameters to redirect to for AuthZ/AuthN.
    *
    * @see https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-v2-protocols-oauth-code
    *
    * @memberof Auth
    */
     loginUrl(parameters = {}) {
+        const {authorityUrl, ...restParameters} = parameters;
         const query = validate({
             parameters: {
                 responseType: { required: true, toName: 'response_type' },
@@ -69,12 +71,12 @@ export default class Auth {
                 prompt: {}
             },
             validate: false // not declared params are allowed:
-        }, parameters)
+        }, restParameters)
         return this.client.url('authorize',
             {...query,
                 client_id: this.clientId,
                 redirect_uri: this.redirectUri
-            })
+            }, authorityUrl)
     }
 
     /**
@@ -99,27 +101,29 @@ export default class Auth {
    * @param {String} input.code code returned by `/authorize`.
    * @param {String} input.redirectUri original redirectUri used when calling `/authorize`.
    * @param {String} input.scope A space-separated list of scopes.
+   * @param {String} input.authorityUrl A space-separated list of scopes.
    *    The scopes requested in this leg must be equivalent to or a subset of the scopes requested in the first leg
    * @returns {Promise}
    * @see https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-v2-protocols-oauth-code#request-an-access-token
    *
    * @memberof Auth
    */
     exchange(input = {}) {
+        const {authorityUrl, ...restInput} = input;
         const payload = validate({
             parameters: {
                 code: { required: true },
                 scope: { required: true },
                 code_verifier: { required: true },
             }
-        }, input)
+        }, restInput)
 
         return this.client
             .post('token',
                 {...payload,
                     client_id: this.clientId,
                     redirect_uri: this.redirectUri,
-                    grant_type: 'authorization_code'})
+                    grant_type: 'authorization_code'}, authorityUrl)
             .then(responseHandler)
     }
 

src/networking/index.js

@@ -38,8 +38,8 @@ export default class Client {
         }
     }
 
-    post(path, body) {
-        let url = this.url(path)
+    post(path, body, authorityUrl) {
+        let url = this.url(path, null, authorityUrl)
         return this.request('POST', url, body)
     }
 
@@ -51,8 +51,9 @@ export default class Client {
         return this.request('GET', this.url(path, query))
     }
 
-    url(path, query) {
-        let endpoint = url.resolve(this.baseUrl, path)
+    url(path, query, authorityUrl) {
+        const baseAuthorityUrl = authorityUrl ? `https://${authorityUrl}`: this.baseUrl;
+        let endpoint = url.resolve(baseAuthorityUrl, path)
         if (query && query.length !== 0) {
             const parsed = url.parse(endpoint)
             parsed.query = query || {}

src/webauth/index.js

@@ -37,6 +37,7 @@ export default class WebAuth {
    *    The only valid values are 'login', 'none', 'consent', and 'select_account'.
    *    @see https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow
    * @param {Boolean} [options.ephemeralSession] SSO. It only affects iOS with versions 13 and above.
+   * @param {String} options.authorityUrl (optional)the authorityUrl for signup or other flows directly
    * @returns {Promise<BaseTokenItem | AccessTokenItem>}
    *
    * @memberof WebAuth
@@ -98,7 +99,8 @@ export default class WebAuth {
         const tokenResponse = await client.exchange({
             code,
             scope: scope.toString(),
-            code_verifier: verifier
+            code_verifier: verifier,
+            authorityUrl: options?.authorityUrl
         })
 
         if (tokenResponse.refreshToken) {

types/index.d.ts

@@ -66,7 +66,7 @@ declare class Client {
   bearer: string;
   get(path: string, query: string): Promise<void>;
   patch(path: string, body: any): Promise<void>;
-  post(path: string, body: any): Promise<void>;
+  post(path: string, body: any, authorityUrl?: string): Promise<void>;
   /**
    * Helper function to send HTTP requests
    *
@@ -75,7 +75,7 @@ declare class Client {
    * @param {Object} [body] - request body
    */
   request(method: string, url: string, body?: any): Promise<ClientResponse>;
-  url(path: string, query?: string): string;
+  url(path: string, query?: string, authorityUrl?: string): string;
 }
 
 /**
@@ -224,6 +224,7 @@ declare class Auth {
    * @param {String} input.code code returned by `/authorize`.
    * @param {String} input.redirectUri original redirectUri used when calling `/authorize`.
    * @param {String} input.scope A space-separated list of scopes.
+   * @param {String} input.authorityUrl A space-separated list of scopes.
    *    The scopes requested in this leg must be equivalent to or a subset of the scopes requested in the first leg
    *
    * @see https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-v2-protocols-oauth-code#request-an-access-token
@@ -232,6 +233,7 @@ declare class Auth {
     code: string;
     redirectUri: string;
     scope: string;
+    authorityUrl?: string;
   }): Promise<void>;
   /**
    * Builds the full authorize endpoint url in the Authorization Server (AS) with given parameters.
@@ -307,6 +309,7 @@ declare class WebAuth {
   authorize(options: {
     prompt?: string;
     scope?: string;
+    authorityUrl?: string;
   }): Promise<BaseTokenItem & Partial<AccessTokenItem>>;
   /**
    *  Removes Azure session