From 4e14f62ed77c0036ed786f1e061d2d5b135c0e7d Mon Sep 17 00:00:00 2001 From: alevale Date: Wed, 18 Dec 2024 23:34:52 +0100 Subject: [PATCH] feat: Allow sending login_hint, lang and nonce on signInWithRedirects (#8951) --- .../cognito/signInWithRedirect.test.ts | 23 +++++++++++++++++++ .../cognito/apis/signInWithRedirect.ts | 13 +++++++++++ packages/auth/src/types/inputs.ts | 3 +++ 3 files changed, 39 insertions(+) diff --git a/packages/auth/__tests__/providers/cognito/signInWithRedirect.test.ts b/packages/auth/__tests__/providers/cognito/signInWithRedirect.test.ts index 8f91323319f..ec29bf71955 100644 --- a/packages/auth/__tests__/providers/cognito/signInWithRedirect.test.ts +++ b/packages/auth/__tests__/providers/cognito/signInWithRedirect.test.ts @@ -282,6 +282,7 @@ describe('signInWithRedirect', () => { ); expect(mockHandleFailure).toHaveBeenCalledWith(expectedError); }); + it('should not set the Oauth flag on non-browser environments', async () => { const mockOpenAuthSessionResult = { type: 'success', @@ -295,6 +296,28 @@ describe('signInWithRedirect', () => { expect(oAuthStore.storeOAuthInFlight).toHaveBeenCalledTimes(0); }); + + it('should send the login_hint, lang and nonce in the query string if provided', async () => { + await signInWithRedirect({ + provider: 'Google', + options: { + loginHint: 'someone@gmail.com', + lang: 'en', + nonce: '88388838883', + }, + }); + + const [oauthUrl, redirectSignIn, preferPrivateSession] = + mockOpenAuthSession.mock.calls[0]; + + expect(oauthUrl).toStrictEqual( + 'https://oauth.domain.com/oauth2/authorize?redirect_uri=http%3A%2F%2Flocalhost%3A3000%2F&response_type=code&client_id=userPoolClientId&identity_provider=Google&scope=phone%20email%20openid%20profile%20aws.cognito.signin.user.admin&login_hint=someone%40gmail.com&lang=en&nonce=88388838883&state=oauth_state&code_challenge=code_challenge&code_challenge_method=S256', + ); + expect(redirectSignIn).toEqual( + mockAuthConfigWithOAuth.Auth.Cognito.loginWith.oauth.redirectSignIn, + ); + expect(preferPrivateSession).toBeUndefined(); + }); }); describe('errors', () => { diff --git a/packages/auth/src/providers/cognito/apis/signInWithRedirect.ts b/packages/auth/src/providers/cognito/apis/signInWithRedirect.ts index cab4f018ee7..38fb2a99c6f 100644 --- a/packages/auth/src/providers/cognito/apis/signInWithRedirect.ts +++ b/packages/auth/src/providers/cognito/apis/signInWithRedirect.ts @@ -57,6 +57,9 @@ export async function signInWithRedirect( provider, customState: input?.customState, preferPrivateSession: input?.options?.preferPrivateSession, + loginHint: input?.options?.loginHint, + lang: input?.options?.lang, + nonce: input?.options?.nonce, }); } @@ -66,12 +69,18 @@ const oauthSignIn = async ({ clientId, customState, preferPrivateSession, + loginHint, + lang, + nonce, }: { oauthConfig: OAuthConfig; provider: string; clientId: string; customState?: string; preferPrivateSession?: boolean; + loginHint?: string; + lang?: string; + nonce?: string; }) => { const { domain, redirectSignIn, responseType, scopes } = oauthConfig; const randomState = generateState(); @@ -99,6 +108,10 @@ const oauthSignIn = async ({ client_id: clientId, identity_provider: provider, scope: scopes.join(' '), + // eslint-disable-next-line camelcase + ...(loginHint && { login_hint: loginHint }), + ...(lang && { lang }), + ...(nonce && { nonce }), state, ...(responseType === 'code' && { code_challenge: toCodeChallenge(), diff --git a/packages/auth/src/types/inputs.ts b/packages/auth/src/types/inputs.ts index c2947b4650a..4f6274ee377 100644 --- a/packages/auth/src/types/inputs.ts +++ b/packages/auth/src/types/inputs.ts @@ -68,6 +68,9 @@ export interface AuthSignInWithRedirectInput { * On all other platforms, this flag is ignored. */ preferPrivateSession?: boolean; + loginHint?: string; + lang?: string; + nonce?: string; }; }