Merge pull request #577 from stytchauth/oauth_attach_token

Add oauth_attach_token to 3rd party oauth requests

Author: nidal-stytch

Sources/StytchCore/StytchClient/OAuth/OAuth+Apple.swift

@@ -18,6 +18,7 @@ public extension StytchClient.OAuth {
         /// Initiates the OAuth flow by using the included parameters to start a Sign In With Apple request. If the authentication is successful this method will return a new session object.
         public func start(parameters: StartParameters) async throws -> AuthenticateResponse {
             let rawNonce = try cryptoClient.dataWithRandomBytesOfCount(32).toHexString()
+
             let authenticateResult = try await appleOAuthClient.authenticate(
                 configureController: { controller in
                     #if !os(watchOS)
@@ -26,6 +27,7 @@ public extension StytchClient.OAuth {
                 },
                 nonce: cryptoClient.sha256(Data(rawNonce.utf8)).base64EncodedString()
             )
+
             let authenticateResponse: AuthenticateResponse = try await router.post(
                 to: .authenticate,
                 parameters: AuthenticateParameters(
@@ -34,6 +36,7 @@ public extension StytchClient.OAuth {
                     sessionDurationMinutes: parameters.sessionDurationMinutes
                 )
             )
+
             if authenticateResult.name != nil {
                 let _: BasicResponse = try await userRouter.put(
                     to: .index,
@@ -42,6 +45,7 @@ public extension StytchClient.OAuth {
                     )
                 )
             }
+
             _ = try await EventsClient.logEvent(
                 parameters: .init(
                     eventName: "apple_oauth_name_found",
@@ -97,7 +101,9 @@ public extension StytchClient.OAuth.Apple {
             self.sessionDurationMinutes = sessionDurationMinutes
             self.presentationContextProvider = presentationContextProvider
         }
+
         #else
+
         /// - Parameters:
         ///   - sessionDurationMinutes: The duration, in minutes, of the requested session. Defaults to 5 minutes.
         public init(sessionDurationMinutes: Minutes = StytchClient.defaultSessionDuration) {

Sources/StytchCore/StytchClient/OAuth/OAuth+ThirdParty.swift

@@ -37,6 +37,7 @@ public extension StytchClient.OAuth.ThirdParty {
     struct WebAuthenticationConfiguration: WebAuthenticationSessionClientConfiguration {
         let loginRedirectUrl: URL?
         let signupRedirectUrl: URL?
+        let oauthAttachToken: String?
         let customScopes: [String]?
         let providerParams: [String: String]?
         public let clientType: ClientType = .consumer
@@ -50,16 +51,19 @@ public extension StytchClient.OAuth.ThirdParty {
         /// - Parameters:
         ///   - loginRedirectUrl: The url an existing user is redirected to after authenticating with the identity provider. This url **must** use a custom scheme and be added to your Stytch Dashboard.
         ///   - signupRedirectUrl: The url a new user is redirected to after authenticating with the identity provider. This url **must** use a custom scheme and be added to your Stytch Dashboard.
+        ///   - oauthAttachToken: A single-use token for connecting the Stytch User selection from an OAuth Attach request to the corresponding OAuth Start request.
         ///   - customScopes: Any additional scopes to be requested from the identity provider.
         ///   - providerParams: An optional mapping of provider specific values to pass through to the OAuth provider
         public init(
             loginRedirectUrl: URL? = nil,
             signupRedirectUrl: URL? = nil,
+            oauthAttachToken: String? = nil,
             customScopes: [String]? = nil,
             providerParams: [String: String]? = nil
         ) {
             self.loginRedirectUrl = loginRedirectUrl
             self.signupRedirectUrl = signupRedirectUrl
+            self.oauthAttachToken = oauthAttachToken
             self.customScopes = customScopes
             self.providerParams = providerParams
         }
@@ -91,6 +95,10 @@ public extension StytchClient.OAuth.ThirdParty {
                 queryParameters["signup_redirect_url"] = signupRedirectUrl
             }
 
+            if let oauthAttachToken = oauthAttachToken, oauthAttachToken.isEmpty == false {
+                queryParameters["oauth_attach_token"] = oauthAttachToken
+            }
+
             let domain = Current.localStorage.stytchDomain(publicToken)
             guard let url = URL(string: "https://\(domain)/v1/public/oauth/\(providerName)/start?\(queryParameters.toURLParameters())") else {
                 throw StytchSDKError.invalidStartURL