From 57bb3a5ac6d57f530f8a8c4821b58d293f75b0eb Mon Sep 17 00:00:00 2001
From: Abdul <hallak.aa@gmail.com>
Date: Fri, 29 Mar 2024 23:35:04 +0400
Subject: [PATCH] Add screen hint to GetAuthorizationURLOpts (#319)

* Add screen hint
---
 pkg/usermanagement/client.go      | 20 ++++++++++++++++++++
 pkg/usermanagement/client_test.go | 10 ++++++++++
 2 files changed, 30 insertions(+)

diff --git a/pkg/usermanagement/client.go b/pkg/usermanagement/client.go
index 7c39a05c..fb638934 100644
--- a/pkg/usermanagement/client.go
+++ b/pkg/usermanagement/client.go
@@ -20,6 +20,15 @@ import (
 // ResponseLimit is the default number of records to limit a response to.
 const ResponseLimit = 10
 
+// ScreenHint represents the screen to redirect the user to in Authkit
+type ScreenHint string
+
+// Constants that enumerate the available screen hints.
+const (
+	SignUp ScreenHint = "sign-up"
+	SignIn ScreenHint = "sign-in"
+)
+
 // Order represents the order of records.
 type Order string
 
@@ -702,6 +711,10 @@ type GetAuthorizationURLOpts struct {
 	// Domain hint that will be passed as a parameter to the IdP login page.
 	// OPTIONAL.
 	DomainHint string
+
+	// ScreenHint represents the screen to redirect the user to when the provider is Authkit.
+	// OPTIONAL.
+	ScreenHint ScreenHint
 }
 
 // GetAuthorizationURL generates an OAuth 2.0 authorization URL.
@@ -743,6 +756,13 @@ func (c *Client) GetAuthorizationURL(opts GetAuthorizationURLOpts) (*url.URL, er
 		query.Set("state", opts.State)
 	}
 
+	if opts.ScreenHint != "" {
+		if opts.Provider != "authkit" {
+			return nil, errors.New("provider must be 'authkit' to include a screen hint")
+		}
+		query.Set("screen_hint", string(opts.ScreenHint))
+	}
+
 	u, err := url.ParseRequestURI(c.Endpoint + "/user_management/authorize")
 	if err != nil {
 		return nil, err
diff --git a/pkg/usermanagement/client_test.go b/pkg/usermanagement/client_test.go
index 2badb359..82fa94b4 100644
--- a/pkg/usermanagement/client_test.go
+++ b/pkg/usermanagement/client_test.go
@@ -525,6 +525,16 @@ func TestClientAuthorizeURL(t *testing.T) {
 			},
 			expected: "https://api.workos.com/user_management/authorize?client_id=client_123&provider=GoogleOAuth&redirect_uri=https%3A%2F%2Fexample.com%2Fsso%2Fworkos%2Fcallback&response_type=code&state=custom+state",
 		},
+		{
+			scenario: "generate url with a screen hint",
+			options: GetAuthorizationURLOpts{
+				ClientID:    "client_123",
+				Provider:    "authkit",
+				RedirectURI: "https://example.com/sso/workos/callback",
+				ScreenHint:  "sign-up",
+			},
+			expected: "https://api.workos.com/user_management/authorize?client_id=client_123&provider=authkit&redirect_uri=https%3A%2F%2Fexample.com%2Fsso%2Fworkos%2Fcallback&response_type=code&screen_hint=sign-up",
+		},
 		{
 			scenario: "generate url with connection",
 			options: GetAuthorizationURLOpts{