({
state,
request,
request_uri,
request_type,
id_token_hint,
login_hint,
skipUserInfo,
nonce,
url_state,
response_type = this.settings.response_type,
scope = this.settings.scope,
redirect_uri = this.settings.redirect_uri,
prompt = this.settings.prompt,
display = this.settings.display,
max_age = this.settings.max_age,
ui_locales = this.settings.ui_locales,
acr_values = this.settings.acr_values,
resource = this.settings.resource,
response_mode = this.settings.response_mode,
extraQueryParams = this.settings.extraQueryParams,
extraTokenParams = this.settings.extraTokenParams,
dpopJkt,
omitScopeWhenRequesting = this.settings.omitScopeWhenRequesting,
}: CreateSigninRequestArgs)
| 93 | } |
| 94 | |
| 95 | public async createSigninRequest({ |
| 96 | state, |
| 97 | request, |
| 98 | request_uri, |
| 99 | request_type, |
| 100 | id_token_hint, |
| 101 | login_hint, |
| 102 | skipUserInfo, |
| 103 | nonce, |
| 104 | url_state, |
| 105 | response_type = this.settings.response_type, |
| 106 | scope = this.settings.scope, |
| 107 | redirect_uri = this.settings.redirect_uri, |
| 108 | prompt = this.settings.prompt, |
| 109 | display = this.settings.display, |
| 110 | max_age = this.settings.max_age, |
| 111 | ui_locales = this.settings.ui_locales, |
| 112 | acr_values = this.settings.acr_values, |
| 113 | resource = this.settings.resource, |
| 114 | response_mode = this.settings.response_mode, |
| 115 | extraQueryParams = this.settings.extraQueryParams, |
| 116 | extraTokenParams = this.settings.extraTokenParams, |
| 117 | dpopJkt, |
| 118 | omitScopeWhenRequesting = this.settings.omitScopeWhenRequesting, |
| 119 | }: CreateSigninRequestArgs): Promise<SigninRequest> { |
| 120 | const logger = this._logger.create("createSigninRequest"); |
| 121 | |
| 122 | if (response_type !== "code") { |
| 123 | throw new Error("Only the Authorization Code flow (with PKCE) is supported"); |
| 124 | } |
| 125 | |
| 126 | const url = await this.metadataService.getAuthorizationEndpoint(); |
| 127 | logger.debug("Received authorization endpoint", url); |
| 128 | |
| 129 | const signinRequest = await SigninRequest.create({ |
| 130 | url, |
| 131 | authority: this.settings.authority, |
| 132 | client_id: this.settings.client_id, |
| 133 | redirect_uri, |
| 134 | response_type, |
| 135 | scope, |
| 136 | state_data: state, |
| 137 | url_state, |
| 138 | prompt, display, max_age, ui_locales, id_token_hint, login_hint, acr_values, dpopJkt, |
| 139 | resource, request, request_uri, extraQueryParams, extraTokenParams, request_type, response_mode, |
| 140 | client_secret: this.settings.client_secret, |
| 141 | skipUserInfo, |
| 142 | nonce, |
| 143 | disablePKCE: this.settings.disablePKCE, |
| 144 | omitScopeWhenRequesting, |
| 145 | }); |
| 146 | |
| 147 | // house cleaning |
| 148 | await this.clearStaleState(); |
| 149 | |
| 150 | const signinState = signinRequest.state; |
| 151 | await this.settings.stateStore.set(signinState.id, signinState.toStorageString()); |
| 152 | return signinRequest; |
no test coverage detected