Add support for LoginOptions (#13)

README.md

@@ -37,14 +37,14 @@ authentication methods. For example, let's use OTP via email:
 
 ```dart
 // sends an OTP code to the given email address
-await Descope.otp.signUp(method: DeliveryMethod.Email, loginId: "andy@example.com");
+await Descope.otp.signUp(method: DeliveryMethod.Email, loginId: 'andy@example.com');
 ```
 
 Finish the authentication by verifying the OTP code the user entered:
 
 ```dart
 // if the user entered the right code the authentication is successful
-final authResponse = await Descope.otp.verify(method: DeliveryMethod.Email, loginId: "andy@example.com", code: code);
+final authResponse = await Descope.otp.verify(method: DeliveryMethod.Email, loginId: 'andy@example.com', code: code);
 
 // we create a DescopeSession object that represents an authenticated user session
 final session = DescopeSession.fromAuthenticationResponse(authResponse);
@@ -84,7 +84,7 @@ in flow successfully you should set the `DescopeSession` object as the
 active session of the session manager.
 
 ```dart
-final authResponse = await Descope.otp.verify(method: DeliverMethod.Email, loginId: "andy@example.com", code: "123456");
+final authResponse = await Descope.otp.verify(method: DeliverMethod.Email, loginId: 'andy@example.com', code: '123456');
 final session = DescopeSession.fromAuthenticationResponse(authResponse);
 Descope.sessionManager.manageSession(session);
 ```
@@ -106,7 +106,7 @@ can do the following.
 await Descope.sessionManager.refreshSessionIfNeeded();
 final sessionJwt = Descope.sessionManager.session?.sessionJwt;
 if (sessionJwt != null) {
-    request.headers["X-Auth-Token"] = sessionJwt;
+    request.headers['X-Auth-Token'] = sessionJwt;
 } else {
     // unauthorized
 }
@@ -132,7 +132,7 @@ void main() async {
 
   final session = Descope.sessionManager.session;
   if (session != null) {
-    print("User is logged in: ${session.user}");
+    print('User is logged in: ${session.user}');
   }
 
   runApp(
@@ -198,7 +198,7 @@ final _router = GoRouter(
             } catch (e) {
               // Handle errors here
             }
-            return "/"; // This route doesn't display anything but returns the root path where the user will be signed in
+            return '/'; // This route doesn't display anything but returns the root path where the user will be signed in
           },
         ),
       ],
@@ -241,7 +241,7 @@ or via [ASWebAuthenticationSession](https://developer.apple.com/documentation/au
 Run the flow by calling the flow start function:
 
 ```dart
-final authResponse = await Descope.flow.start("<URL_FOR_FLOW_IN_SETUP_#1>", deepLinkUrl: "<URL_FOR_APP_LINK_IN_SETUP_#2>");
+final authResponse = await Descope.flow.start('<URL_FOR_FLOW_IN_SETUP_#1>', deepLinkUrl: '<URL_FOR_APP_LINK_IN_SETUP_#2>');
 final session = DescopeSession.fromAuthenticationResponse(authResponse);
 Descope.sessionManager.manageSession(session);
 ```
@@ -271,7 +271,7 @@ final maskedEmail = await Descope.otp.signUp(method: DeliveryMethod.email, login
 The user will receive a code using the selected delivery method. Verify that code using:
 
 ```dart
-final authResponse = await Descope.otp.verify(method: DeliveryMethod.email, loginId: "desmond_c@mail.com", code: "123456");
+final authResponse = await Descope.otp.verify(method: DeliveryMethod.email, loginId: 'desmond_c@mail.com', code: '123456');
 ```
 
 ### Magic Link

lib/descope.dart

@@ -31,7 +31,7 @@ class Descope {
   /// and in most cases you only need to set this to work with the `Descope` singleton.
   ///
   /// **Note:** This is a shortcut for setting the [Descope.config] property.
-  static String _projectId = "";
+  static String _projectId = '';
 
   static String get projectId => _projectId;
 
@@ -53,7 +53,7 @@ class Descope {
   static DescopeConfig get config => _config;
 
   static set config(DescopeConfig config) {
-    assert(config.projectId != "");
+    assert(config.projectId != '');
     _config = config;
   }
 
@@ -62,7 +62,7 @@ class Descope {
   /// You can use this [DescopeSessionManager] object as a shared instance to manage
   /// authenticated sessions in your application.
   ///
-  ///     final authResponse = Descope.otp.verify(DeliveryMethod.Email, "andy@example.com", "123456")
+  ///     final authResponse = Descope.otp.verify(DeliveryMethod.Email, 'andy@example.com', '123456')
   ///     val session = DescopeSession(authResponse)
   ///     Descope.sessionManager.manageSession(session)
   ///

lib/src/extensions/request.dart

@@ -25,6 +25,6 @@ extension AddAuthorization on http.Request {
   /// Sets the JWT from a [DescopeToken] as the Bearer Token value of
   /// the Authorization header field in the [http.Request].
   void setAuthorizationFromToken(DescopeToken token) {
-    headers['Authorization'] = "Bearer ${token.jwt}";
+    headers['Authorization'] = 'Bearer ${token.jwt}';
   }
 }

lib/src/internal/http/descope_client.dart

@@ -17,14 +17,18 @@ class DescopeClient extends HttpClient {
     });
   }
 
-  Future<MaskedAddressServerResponse> otpSignIn(DeliveryMethod method, String loginId) {
-    return post('auth/otp/signin/${method.name}', MaskedAddressServerResponse.decoder, body: {
+  Future<MaskedAddressServerResponse> otpSignIn(DeliveryMethod method, String loginId, SignInOptions? options) {
+    return post('auth/otp/signin/${method.name}', MaskedAddressServerResponse.decoder, headers: authorization(options?.refreshJwt), body: {
       'loginId': loginId,
+      'loginOptions': options?.toMap(),
     });
   }
 
-  Future<MaskedAddressServerResponse> otpSignUpIn(DeliveryMethod method, String loginId) {
-    return post('auth/otp/signup-in/${method.name}', MaskedAddressServerResponse.decoder, body: {'loginId': loginId});
+  Future<MaskedAddressServerResponse> otpSignUpIn(DeliveryMethod method, String loginId, SignInOptions? options) {
+    return post('auth/otp/signup-in/${method.name}', MaskedAddressServerResponse.decoder, headers: authorization(options?.refreshJwt), body: {
+      'loginId': loginId,
+      'loginOptions': options?.toMap(),
+    });
   }
 
   Future<JWTServerResponse> otpVerify(DeliveryMethod method, String loginId, String code) {
@@ -58,10 +62,11 @@ class DescopeClient extends HttpClient {
     });
   }
 
-  Future<JWTServerResponse> totpVerify(String loginId, String code) {
-    return post('auth/totp/verify', JWTServerResponse.decoder, body: {
+  Future<JWTServerResponse> totpVerify(String loginId, String code, SignInOptions? options) {
+    return post('auth/totp/verify', JWTServerResponse.decoder, headers: authorization(options?.refreshJwt), body: {
       'loginId': loginId,
       'code': code,
+      'loginOptions': options?.toMap(),
     });
   }
 
@@ -124,17 +129,19 @@ class DescopeClient extends HttpClient {
     });
   }
 
-  Future<MaskedAddressServerResponse> magicLinkSignIn(DeliveryMethod method, String loginId, String? uri) {
-    return post('auth/magiclink/signin/${method.name}', MaskedAddressServerResponse.decoder, body: {
+  Future<MaskedAddressServerResponse> magicLinkSignIn(DeliveryMethod method, String loginId, String? uri, SignInOptions? options) {
+    return post('auth/magiclink/signin/${method.name}', MaskedAddressServerResponse.decoder, headers: authorization(options?.refreshJwt), body: {
       'loginId': loginId,
       'uri': uri,
+      'loginOptions': options?.toMap(),
     });
   }
 
-  Future<MaskedAddressServerResponse> magicLinkSignUpOrIn(DeliveryMethod method, String loginId, String? uri) {
-    return post('auth/magiclink/signup-in/${method.name}', MaskedAddressServerResponse.decoder, body: {
+  Future<MaskedAddressServerResponse> magicLinkSignUpOrIn(DeliveryMethod method, String loginId, String? uri, SignInOptions? options) {
+    return post('auth/magiclink/signup-in/${method.name}', MaskedAddressServerResponse.decoder, headers: authorization(options?.refreshJwt), body: {
       'loginId': loginId,
       'uri': uri,
+      'loginOptions': options?.toMap(),
     });
   }
 
@@ -171,17 +178,19 @@ class DescopeClient extends HttpClient {
     });
   }
 
-  Future<EnchantedLinkServerResponse> enchantedLinkSignIn(String loginId, String? uri) {
-    return post('auth/enchantedlink/signin/email', EnchantedLinkServerResponse.decoder, body: {
+  Future<EnchantedLinkServerResponse> enchantedLinkSignIn(String loginId, String? uri, SignInOptions? options) {
+    return post('auth/enchantedlink/signin/email', EnchantedLinkServerResponse.decoder, headers: authorization(options?.refreshJwt), body: {
       'loginId': loginId,
       'uri': uri,
+      'loginOptions': options?.toMap(),
     });
   }
 
-  Future<EnchantedLinkServerResponse> enchantedLinkSignUpOrIn(String loginId, String? uri) {
-    return post('auth/enchantedlink/signup-in/email', EnchantedLinkServerResponse.decoder, body: {
+  Future<EnchantedLinkServerResponse> enchantedLinkSignUpOrIn(String loginId, String? uri, SignInOptions? options) {
+    return post('auth/enchantedlink/signup-in/email', EnchantedLinkServerResponse.decoder, headers: authorization(options?.refreshJwt), body: {
       'loginId': loginId,
       'uri': uri,
+      'loginOptions': options?.toMap(),
     });
   }
 
@@ -201,10 +210,12 @@ class DescopeClient extends HttpClient {
 
   // OAuth
 
-  Future<OAuthServerResponse> oauthStart(OAuthProvider provider, String? redirectUrl) {
-    return post('auth/oauth/authorize', OAuthServerResponse.decoder, params: {
+  Future<OAuthServerResponse> oauthStart(OAuthProvider provider, String? redirectUrl, SignInOptions? options) {
+    return post('auth/oauth/authorize', OAuthServerResponse.decoder, headers: authorization(options?.refreshJwt), params: {
       'provider': provider.name,
       'redirectURL': redirectUrl,
+    }, body: {
+      'loginOptions': options?.toMap(),
     });
   }
 
@@ -216,10 +227,12 @@ class DescopeClient extends HttpClient {
 
   // SSO
 
-  Future<SsoServerResponse> ssoStart(String emailOrTenantId, String? redirectUrl) {
-    return post('auth/saml/authorize', SsoServerResponse.decoder, params: {
+  Future<SsoServerResponse> ssoStart(String emailOrTenantId, String? redirectUrl, SignInOptions? options) {
+    return post('auth/saml/authorize', SsoServerResponse.decoder, headers: authorization(options?.refreshJwt), params: {
       'tenant': emailOrTenantId,
       'redirectURL': redirectUrl,
+    }, body: {
+      'loginOptions': options?.toMap(),
     });
   }
 
@@ -264,12 +277,22 @@ class DescopeClient extends HttpClient {
         'x-descope-sdk-version': '0.1.0',
       };
 
-  Map<String, String> authorization(String value) {
-    return {'Authorization': 'Bearer ${config.projectId}:$value'};
+  Map<String, String> authorization(String? value) {
+    return value != null ? {'Authorization': 'Bearer ${config.projectId}:$value'} : {};
   }
 }
 
-// Extensions
+extension on SignInOptions {
+  String? get refreshJwt => stepupRefreshJwt ?? mfaRefreshJwt;
+
+  Map<String, dynamic> toMap() {
+    return {
+      'stepup': stepupRefreshJwt != null ? true : null,
+      'mfa': mfaRefreshJwt != null ? true : null,
+      'customClaims': customClaims.isNotEmpty ? customClaims : null,
+    };
+  }
+}
 
 extension on SignUpDetails {
   Map<String, dynamic> toMap() {

lib/src/internal/http/responses.dart

@@ -4,7 +4,7 @@ import 'http_client.dart';
 
 part 'responses.g.dart';
 
-const refreshCookieName = "DSR";
+const refreshCookieName = 'DSR';
 
 @JsonSerializable(createToJson: false)
 class JWTServerResponse {

lib/src/internal/routes/enchanted_link.dart

@@ -18,13 +18,13 @@ class EnchantedLink implements DescopeEnchantedLink {
   }
 
   @override
-  Future<EnchantedLinkResponse> signIn({required String loginId, String? uri}) async {
-    return (await client.enchantedLinkSignIn(loginId, uri)).convert();
+  Future<EnchantedLinkResponse> signIn({required String loginId, String? uri, SignInOptions? options}) async {
+    return (await client.enchantedLinkSignIn(loginId, uri, options)).convert();
   }
 
   @override
-  Future<EnchantedLinkResponse> signUpOrIn({required String loginId, String? uri}) async {
-    return (await client.enchantedLinkSignUpOrIn(loginId, uri)).convert();
+  Future<EnchantedLinkResponse> signUpOrIn({required String loginId, String? uri, SignInOptions? options}) async {
+    return (await client.enchantedLinkSignUpOrIn(loginId, uri, options)).convert();
   }
 
   @override

lib/src/internal/routes/flow.dart

@@ -12,7 +12,7 @@ import 'package:flutter/services.dart';
 import '/src/internal/http/descope_client.dart';
 import '/src/sdk/routes.dart';
 
-const _defaultRedirectURL = "descopeauth://flow";
+const _defaultRedirectURL = 'descopeauth://flow';
 
 class Flow extends DescopeFlow {
   static const _mChannel = MethodChannel('descope_flutter/methods');
@@ -28,7 +28,7 @@ class Flow extends DescopeFlow {
   @override
   Future<AuthenticationResponse> start(String flowUrl, {String? deepLinkUrl}) async {
     // cancel any previous still running flows
-    _current?.completer?.completeError(Exception("Canceled"));
+    _current?.completer?.completeError(Exception('Canceled'));
 
     // prepare a new flow runner
     final runner = _FlowRunner(flowUrl, deepLinkUrl);
@@ -53,7 +53,7 @@ class Flow extends DescopeFlow {
     final codeVerifier = runner?.codeVerifier;
     final completer = runner?.completer;
     if (runner == null || codeVerifier == null || completer == null) {
-      throw Exception("No flow pending exchange");
+      throw Exception('No flow pending exchange');
     }
 
     _current = null;
@@ -77,23 +77,23 @@ class Flow extends DescopeFlow {
     subscription = _eChannel.receiveBroadcastStream().listen((event) {
       final str = event as String;
       switch(str) {
-        case "canceled":
-          _completeWithError("Flow canceled by user");
+        case 'canceled':
+          _completeWithError('Flow canceled by user');
           break;
-        case "":
-          _completeWithError("Unexpected error running flow");
+        case '':
+          _completeWithError('Unexpected error running flow');
           break;
         default:
           try {
             final uri = Uri.parse(str);
             exchange(uri);
           } on Exception {
-            _completeWithError("Unexpected URI received from flow");
+            _completeWithError('Unexpected URI received from flow');
           }
       }
       subscription?.cancel();
     }, onError: (_) {
-      _completeWithError("Authentication failed");
+      _completeWithError('Authentication failed');
       subscription?.cancel();
     });
 

lib/src/internal/routes/magic_link.dart

@@ -15,13 +15,13 @@ class MagicLink implements DescopeMagicLink {
   }
 
   @override
-  Future<String> signIn({required DeliveryMethod method, required String loginId, String? uri}) async {
-    return (await client.magicLinkSignIn(method, loginId, uri)).convert(method);
+  Future<String> signIn({required DeliveryMethod method, required String loginId, String? uri, SignInOptions? options}) async {
+    return (await client.magicLinkSignIn(method, loginId, uri, options)).convert(method);
   }
 
   @override
-  Future<String> signUpOrIn({required DeliveryMethod method, required String loginId, String? uri}) async {
-    return (await client.magicLinkSignUpOrIn(method, loginId, uri)).convert(method);
+  Future<String> signUpOrIn({required DeliveryMethod method, required String loginId, String? uri, SignInOptions? options}) async {
+    return (await client.magicLinkSignUpOrIn(method, loginId, uri, options)).convert(method);
   }
 
   @override

lib/src/internal/routes/oauth.dart

@@ -10,8 +10,8 @@ class OAuth implements DescopeOAuth {
   OAuth(this.client);
 
   @override
-  Future<String> start({required OAuthProvider provider, String? redirectUrl}) async {
-    return (await client.oauthStart(provider, redirectUrl)).url;
+  Future<String> start({required OAuthProvider provider, String? redirectUrl, SignInOptions? options}) async {
+    return (await client.oauthStart(provider, redirectUrl, options)).url;
   }
 
   @override

lib/src/internal/routes/otp.dart

@@ -15,13 +15,13 @@ class Otp implements DescopeOtp {
   }
 
   @override
-  Future<String> signIn({required DeliveryMethod method, required String loginId}) async {
-    return (await client.otpSignIn(method, loginId)).convert(method);
+  Future<String> signIn({required DeliveryMethod method, required String loginId, SignInOptions? options}) async {
+    return (await client.otpSignIn(method, loginId, options)).convert(method);
   }
 
   @override
-  Future<String> signUpOrIn({required DeliveryMethod method, required String loginId}) async {
-    return (await client.otpSignUpIn(method, loginId)).convert(method);
+  Future<String> signUpOrIn({required DeliveryMethod method, required String loginId, SignInOptions? options}) async {
+    return (await client.otpSignUpIn(method, loginId, options)).convert(method);
   }
 
   @override

lib/src/internal/routes/sso.dart

@@ -1,5 +1,6 @@
 import '/src/sdk/routes.dart';
 import '/src/types/responses.dart';
+import '../../types/others.dart';
 import '../http/descope_client.dart';
 import 'shared.dart';
 
@@ -9,8 +10,8 @@ class Sso implements DescopeSso {
   Sso(this.client);
 
   @override
-  Future<String> start({required String emailOrTenantId, String? redirectUrl}) async {
-    return (await client.ssoStart(emailOrTenantId, redirectUrl)).url;
+  Future<String> start({required String emailOrTenantId, String? redirectUrl, SignInOptions? options}) async {
+    return (await client.ssoStart(emailOrTenantId, redirectUrl, options)).url;
   }
 
   @override