fix: couple of small updates to generateAuthUrl, including auto setting store with nonce and state.

DanielRivers · DanielRivers · commit e0e24227304d · 2024-10-25T00:57:48.000+01:00
diff --git a/lib/utils/generateAuthUrl.ts b/lib/utils/generateAuthUrl.ts
@@ -1,3 +1,4 @@
+import { getActiveStorage, StorageKeys } from "../main";
 import { IssuerRouteTypes, LoginOptions } from "../types";
 import { generateRandomString } from "./generateRandomString";
 import { mapLoginMethodParamsForUrl } from "./mapLoginMethodParamsForUrl";
@@ -14,7 +15,7 @@ export const generateAuthUrl = (
   options: LoginOptions,
 ): { url: URL; state: string; nonce: string } => {
   const authUrl = new URL(`${domain}/oauth2/auth`);
-
+  const activeStorage = getActiveStorage();
   const searchParams: Record<string, string> = {
     client_id: options.clientId,
     response_type: options.responseType || "code",
@@ -24,19 +25,23 @@ export const generateAuthUrl = (
 
   if (!options.state) {
     options.state = generateRandomString(32);
+    if (activeStorage) {
+      activeStorage.setSessionItem(StorageKeys.state, options.state);
+    }
   }
   searchParams["state"] = options.state;
 
   if (!options.nonce) {
     options.nonce = generateRandomString(16);
   }
   searchParams["nonce"] = options.nonce;
-
-  if (options.codeChallenge) {
-    searchParams["code_challenge"] = options.codeChallenge;
-    searchParams["code_challenge_method"] = "S256";
+  if (activeStorage) {
+    activeStorage.setSessionItem(StorageKeys.nonce, options.nonce);
   }
 
+  searchParams["code_challenge"] = (options.codeChallenge) ? options.codeChallenge : generateRandomString(32);
+  searchParams["code_challenge_method"] = "S256";
+
   if (options.codeChallengeMethod) {
     searchParams["code_challenge_method"] = options.codeChallengeMethod;
   }
diff --git a/lib/utils/mapLoginMethodParamsForUrl.ts b/lib/utils/mapLoginMethodParamsForUrl.ts
@@ -11,7 +11,7 @@ export const mapLoginMethodParamsForUrl = (
     redirect_uri: options.redirectURL
       ? sanatizeURL(options.redirectURL)
       : undefined,
-    audience: options.audience,
+    audience: options.audience || "",
     scope: options.scope?.join(" ") || "email profile openid offline",
     prompt: options.prompt,
     lang: options.lang,
