generateSignInUri function

Uri generateSignInUri({
  1. required String authorizationEndpoint,
  2. required dynamic clientId,
  3. required String redirectUri,
  4. required String codeChallenge,
  5. required String state,
  6. String prompt = _prompt,
  7. List<String>? scopes,
  8. List<String>? resources,
  9. String? loginHint,
  10. @Deprecated('Legacy parameter, use firstScreen instead') InteractionMode? interactionMode,
  11. String? directSignIn,
  12. FirstScreen? firstScreen,
  13. List<IdentifierType>? identifiers,
  14. Map<String, String>? extraParams,
})

Generate the sign-in URI (Authorization URI). This URI will be used to initiate the OIDC authentication flow.

Implementation

Uri generateSignInUri({
  required String authorizationEndpoint,
  required clientId,
  required String redirectUri,
  required String codeChallenge,
  required String state,
  String prompt = _prompt,
  List<String>? scopes,
  List<String>? resources,
  String? loginHint,
  @Deprecated('Legacy parameter, use firstScreen instead')
  InteractionMode? interactionMode,
  /**
   * Direct sign-in is a feature that allows you to skip the sign-in page,
   * and directly sign in the user using a specific social or sso connector.
   *
   * The format should be `social:{connectorTarget}` or `sso:{connectorId}`.
   */
  String? directSignIn,
  /**
   * The first screen to be shown in the sign-in experience.
   */
  FirstScreen? firstScreen,
  /**
   * Identifier type of the first screen to be shown in the sign-in experience.
   *
   * This parameter is applicable only when the `firstScreen` is set to
   *  either `identifierSignIn` or `identifierRegister
   */
  List<IdentifierType>? identifiers,
  /**
   * Extra parameters to be added to the sign-in URI.
   */
  Map<String, String>? extraParams,
}) {
  assert(
    isValidDirectSignInFormat(directSignIn),
    'Invalid format for directSignIn: $directSignIn, '
    'expected one of `social:{connector}` or `sso:{connector}`',
  );

  var signInUri = Uri.parse(authorizationEndpoint);

  Map<String, dynamic> queryParameters = {
    'client_id': clientId,
    'redirect_uri': redirectUri,
    'code_challenge': codeChallenge,
    'code_challenge_method': _codeChallengeMethod,
    'state': state,
    'scope': withReservedScopes(scopes ?? []).join(' '),
    'response_type': _responseType,
    'prompt': prompt,
  };

  // Auto add organization resource if scopes contains organization scope
  if (scopes != null && scopes.contains(LogtoUserScope.organizations.value)) {
    resources ??= [];

    if (!resources.contains(LogtoReservedResource.organization.value)) {
      resources.add(LogtoReservedResource.organization.value);
    }
  }

  if (resources != null && resources.isNotEmpty) {
    queryParameters.addAll({'resource': resources});
  }

  if (loginHint != null) {
    queryParameters.addAll({'login_hint': loginHint});
  }

  if (interactionMode != null) {
    // need to align with the backend OIDC params name
    queryParameters.addAll({'interaction_mode': interactionMode.value});
  }

  if (directSignIn != null) {
    queryParameters.addAll({'direct_sign_in': directSignIn});
  }

  if (firstScreen != null) {
    queryParameters.addAll({'first_screen': firstScreen.value});
  }

  if (identifiers != null && identifiers.isNotEmpty) {
    queryParameters.addAll({
      'identifier': identifiers.map((e) => e.value).join(' '),
    });
  }

  if (extraParams != null) {
    queryParameters.addAll(extraParams);
  }

  return addQueryParameters(signInUri, queryParameters);
}