From 9f7ddf289a944d8a532e46a25b68a80f40b96ae2 Mon Sep 17 00:00:00 2001
From: Steve Hobbs <steve.hobbs@okta.com>
Date: Tue, 6 Jun 2023 14:48:02 +0100
Subject: [PATCH] fix: allow audience and scope to be supplied during
 initialization (#272)

---
 auth0_flutter/lib/auth0_flutter_web.dart           | 13 +++++++++++--
 .../web/extensions/client_options_extensions.dart  |  6 +++++-
 auth0_flutter/lib/src/web/js_interop.dart          |  3 ++-
 .../lib/src/web/client_options.dart                | 14 +++++++++++++-
 4 files changed, 31 insertions(+), 5 deletions(-)

diff --git a/auth0_flutter/lib/auth0_flutter_web.dart b/auth0_flutter/lib/auth0_flutter_web.dart
index 2d42dcb4..224188fe 100644
--- a/auth0_flutter/lib/auth0_flutter_web.dart
+++ b/auth0_flutter/lib/auth0_flutter_web.dart
@@ -32,6 +32,11 @@ class Auth0Web {
   /// learn more about these parameters.
   /// * See the [ClientOptions] type for the full description of the remaining
   /// parameters for this method.
+  /// * [audience] relates to the API Identifier you want to reference in your
+  /// access tokens. See [API settings](https://auth0.com/docs/get-started/apis/api-settings)
+  /// to learn more.
+  /// * [scopes] defaults to `openid profile email`. You can override these
+  /// scopes, but `openid` is always requested regardless of this setting.
   Future<Credentials?> onLoad(
       {final int? authorizeTimeoutInSeconds,
       final CacheLocation? cacheLocation,
@@ -44,7 +49,9 @@ class Auth0Web {
       final bool? useCookiesForTransactions,
       final bool? useFormData,
       final bool? useRefreshTokens,
-      final bool? useRefreshTokensFallback}) async {
+      final bool? useRefreshTokensFallback,
+      final String? audience,
+      final Set<String>? scopes}) async {
     await Auth0FlutterWebPlatform.instance.initialize(
         ClientOptions(
             account: _account,
@@ -59,7 +66,9 @@ class Auth0Web {
             useCookiesForTransactions: useCookiesForTransactions,
             useFormData: useFormData,
             useRefreshTokens: useRefreshTokens,
-            useRefreshTokensFallback: useRefreshTokensFallback),
+            useRefreshTokensFallback: useRefreshTokensFallback,
+            audience: audience,
+            scopes: scopes),
         _userAgent);
 
     if (await hasValidCredentials()) {
diff --git a/auth0_flutter/lib/src/web/extensions/client_options_extensions.dart b/auth0_flutter/lib/src/web/extensions/client_options_extensions.dart
index d38640cc..c70a6965 100644
--- a/auth0_flutter/lib/src/web/extensions/client_options_extensions.dart
+++ b/auth0_flutter/lib/src/web/extensions/client_options_extensions.dart
@@ -1,5 +1,6 @@
 import 'package:auth0_flutter_platform_interface/auth0_flutter_platform_interface.dart';
 import '../js_interop.dart';
+import '../js_interop_utils.dart';
 
 extension ClientOptionsExtension on ClientOptions {
   Auth0ClientOptions toAuth0ClientOptions(final UserAgent userAgent) =>
@@ -19,5 +20,8 @@ extension ClientOptionsExtension on ClientOptions {
           useCookiesForTransactions: useCookiesForTransactions,
           useFormData: useFormData,
           useRefreshTokens: useRefreshTokens,
-          useRefreshTokensFallback: useRefreshTokensFallback);
+          useRefreshTokensFallback: useRefreshTokensFallback,
+          authorizationParams: JsInteropUtils.stripNulls(AuthorizationParams(
+              audience: audience,
+              scope: scopes?.isNotEmpty == true ? scopes?.join(' ') : null)));
 }
diff --git a/auth0_flutter/lib/src/web/js_interop.dart b/auth0_flutter/lib/src/web/js_interop.dart
index ccfcbe8d..9367eef1 100644
--- a/auth0_flutter/lib/src/web/js_interop.dart
+++ b/auth0_flutter/lib/src/web/js_interop.dart
@@ -90,7 +90,8 @@ class Auth0ClientOptions {
       final bool? useCookiesForTransactions,
       final bool? useFormData,
       final bool? useRefreshTokens,
-      final bool? useRefreshTokensFallback});
+      final bool? useRefreshTokensFallback,
+      final AuthorizationParams? authorizationParams});
 }
 
 @JS()
diff --git a/auth0_flutter_platform_interface/lib/src/web/client_options.dart b/auth0_flutter_platform_interface/lib/src/web/client_options.dart
index 1d6dfdac..e7e11836 100644
--- a/auth0_flutter_platform_interface/lib/src/web/client_options.dart
+++ b/auth0_flutter_platform_interface/lib/src/web/client_options.dart
@@ -95,6 +95,16 @@ class ClientOptions {
   /// The configuration for validating ID tokens.
   final IdTokenValidationConfig? idTokenValidationConfig;
 
+  /// The default audience to be used for requesting API access.
+  final String? audience;
+
+  /// The default scopes to be used on authentication requests.
+  ///
+  /// This defaults to `openid profile email` if not specified.
+  ///
+  /// Note: The openid scope is always applied regardless of this setting.
+  final Set<String>? scopes;
+
   ClientOptions(
       {required this.account,
       this.authorizeTimeoutInSeconds,
@@ -107,5 +117,7 @@ class ClientOptions {
       this.useFormData,
       this.useRefreshTokens,
       this.useRefreshTokensFallback,
-      this.idTokenValidationConfig});
+      this.idTokenValidationConfig,
+      this.audience,
+      this.scopes});
 }