getAuthorizationUrl method
Returns the URL to which the resource owner should be redirected to authorize this client.
The resource owner will then be redirected to redirect, which should
point to a server controlled by the client. This redirect will have
additional query parameters that should be passed to
handleAuthorizationResponse.
The specific permissions being requested from the authorization server may
be specified via scopes. The scope strings are specific to the
authorization server and may be found in its documentation. Note that you
may not be granted access to every scope you request; you may check the
Credentials.scopes field of Client.credentials to see which scopes you
were granted.
An opaque state string may also be passed that will be present in the
query parameters provided to the redirect URL.
It is a StateError to call this more than once.
Implementation
Uri getAuthorizationUrl(Uri redirect,
{Iterable<String>? scopes, String? state}) {
if (_state != _State.initial) {
throw StateError('The authorization URL has already been generated.');
}
_state = _State.awaitingResponse;
var scopeList = scopes?.toList() ?? <String>[];
var codeChallenge = base64Url
.encode(sha256.convert(ascii.encode(_codeVerifier)).bytes)
.replaceAll('=', '');
_redirectEndpoint = redirect;
_scopes = scopeList;
_stateString = state;
var parameters = {
'response_type': 'code',
'client_id': identifier,
'redirect_uri': redirect.toString(),
'code_challenge': codeChallenge,
'code_challenge_method': 'S256'
};
if (state != null) parameters['state'] = state;
if (scopeList.isNotEmpty) parameters['scope'] = scopeList.join(_delimiter);
return addQueryParameters(authorizationEndpoint, parameters);
}