descope · shilgapira · Sep 5, 2023 · Aug 28, 2023 · May 16, 2023 · Aug 20, 2023
diff --git a/src/internal/http/DescopeClient.swift b/src/internal/http/DescopeClient.swift
@@ -18,15 +18,17 @@ class DescopeClient: HTTPClient {
         ])
     }
 
-    func otpSignIn(with method: DeliveryMethod, loginId: String) async throws -> MaskedAddress {
-        return try await post("auth/otp/signin/\(method.rawValue)", body: [
-            "loginId": loginId
+    func otpSignIn(with method: DeliveryMethod, loginId: String, refreshJwt: String?, options: LoginOptions?) async throws -> MaskedAddress {
+        return try await post("auth/otp/signin/\(method.rawValue)", headers: authorization(with: refreshJwt), body: [
+            "loginId": loginId,
+            "loginOptions": options?.dictValue,
         ])
     }
 
-    func otpSignUpIn(with method: DeliveryMethod, loginId: String) async throws -> MaskedAddress {
-        return try await post("auth/otp/signup-in/\(method.rawValue)", body: [
-            "loginId": loginId
+    func otpSignUpIn(with method: DeliveryMethod, loginId: String, refreshJwt: String?, options: LoginOptions?) async throws -> MaskedAddress {
+        return try await post("auth/otp/signup-in/\(method.rawValue)", headers: authorization(with: refreshJwt), body: [
+            "loginId": loginId,
+            "loginOptions": options?.dictValue,
         ])
     }
 
@@ -71,10 +73,11 @@ class DescopeClient: HTTPClient {
         ])
     }
 
-    func totpVerify(loginId: String, code: String) async throws -> JWTResponse {
-        return try await post("auth/totp/verify", body: [
+    func totpVerify(loginId: String, code: String, refreshJwt: String?, options: LoginOptions?) async throws -> JWTResponse {
+        return try await post("auth/totp/verify", headers: authorization(with: refreshJwt), body: [
             "loginId": loginId,
             "code": code,
+            "loginOptions": options?.dictValue,
         ])
     }
 
@@ -138,25 +141,27 @@ class DescopeClient: HTTPClient {
 
     // MARK: - Magic Link
 
-    func magicLinkSignUp(with method: DeliveryMethod, loginId: String, details: SignUpDetails?, uri: String?) async throws -> MaskedAddress {
+    func magicLinkSignUp(with method: DeliveryMethod, loginId: String, details: SignUpDetails?, redirectURL: String?) async throws -> MaskedAddress {
         return try await post("auth/magiclink/signup/\(method.rawValue)", body: [
             "loginId": loginId,
             "user": details?.dictValue,
-            "uri": uri,
+            "redirectUrl": redirectURL,
         ])
     }
 
-    func magicLinkSignIn(with method: DeliveryMethod, loginId: String, uri: String?) async throws -> MaskedAddress {
-        return try await post("auth/magiclink/signin/\(method.rawValue)", body: [
+    func magicLinkSignIn(with method: DeliveryMethod, loginId: String, redirectURL: String?, refreshJwt: String?, options: LoginOptions?) async throws -> MaskedAddress {
+        return try await post("auth/magiclink/signin/\(method.rawValue)", headers: authorization(with: refreshJwt), body: [
             "loginId": loginId,
-            "uri": uri,
+            "redirectUrl": redirectURL,
+            "loginOptions": options?.dictValue,
         ])
     }
 
-    func magicLinkSignUpOrIn(with method: DeliveryMethod, loginId: String, uri: String?) async throws -> MaskedAddress {
-        return try await post("auth/magiclink/signup-in/\(method.rawValue)", body: [
+    func magicLinkSignUpOrIn(with method: DeliveryMethod, loginId: String, redirectURL: String?, refreshJwt: String?, options: LoginOptions?) async throws -> MaskedAddress {
+        return try await post("auth/magiclink/signup-in/\(method.rawValue)", headers: authorization(with: refreshJwt), body: [
             "loginId": loginId,
-            "uri": uri,
+            "redirectUrl": redirectURL,
+            "loginOptions": options?.dictValue,
         ])
     }
 
@@ -166,22 +171,22 @@ class DescopeClient: HTTPClient {
         ])
     }
 
-    func magicLinkUpdateEmail(_ email: String, loginId: String, uri: String?, refreshJwt: String, options: UpdateOptions) async throws -> MaskedAddress {
+    func magicLinkUpdateEmail(_ email: String, loginId: String, redirectURL: String?, refreshJwt: String, options: UpdateOptions) async throws -> MaskedAddress {
         return try await post("auth/magiclink/update/email", headers: authorization(with: refreshJwt), body: [
             "loginId": loginId,
             "email": email,
-            "uri": uri,
+            "redirectUrl": redirectURL,
             "addToLoginIDs": options.contains(.addToLoginIds),
             "onMergeUseExisting": options.contains(.onMergeUseExisting),
         ])
     }
 
-    func magicLinkUpdatePhone(_ phone: String, with method: DeliveryMethod, loginId: String, uri: String?, refreshJwt: String, options: UpdateOptions) async throws -> MaskedAddress {
+    func magicLinkUpdatePhone(_ phone: String, with method: DeliveryMethod, loginId: String, redirectURL: String?, refreshJwt: String, options: UpdateOptions) async throws -> MaskedAddress {
         try method.ensurePhoneMethod()
         return try await post("auth/magiclink/update/phone/\(method.rawValue)", headers: authorization(with: refreshJwt), body: [
             "loginId": loginId,
             "phone": phone,
-            "uri": uri,
+            "redirectUrl": redirectURL,
             "addToLoginIDs": options.contains(.addToLoginIds),
             "onMergeUseExisting": options.contains(.onMergeUseExisting),
         ])
@@ -195,33 +200,35 @@ class DescopeClient: HTTPClient {
         var maskedEmail: String
     }
 
-    func enchantedLinkSignUp(loginId: String, details: SignUpDetails?, uri: String?) async throws -> EnchantedLinkResponse {
+    func enchantedLinkSignUp(loginId: String, details: SignUpDetails?, redirectURL: String?) async throws -> EnchantedLinkResponse {
         return try await post("auth/enchantedlink/signup/email", body: [
             "loginId": loginId,
             "user": details?.dictValue,
-            "uri": uri,
+            "redirectUrl": redirectURL,
         ])
     }
 
-    func enchantedLinkSignIn(loginId: String, uri: String?) async throws -> EnchantedLinkResponse {
-        try await post("auth/enchantedlink/signin/email", body: [
+    func enchantedLinkSignIn(loginId: String, redirectURL: String?, refreshJwt: String?, options: LoginOptions?) async throws -> EnchantedLinkResponse {
+        try await post("auth/enchantedlink/signin/email", headers: authorization(with: refreshJwt), body: [
             "loginId": loginId,
-            "uri": uri,
+            "redirectUrl": redirectURL,
+            "loginOptions": options?.dictValue,
         ])
     }
 
-    func enchantedLinkSignUpOrIn(loginId: String, uri: String?) async throws -> EnchantedLinkResponse {
-        try await post("auth/enchantedlink/signup-in/email", body: [
+    func enchantedLinkSignUpOrIn(loginId: String, redirectURL: String?, refreshJwt: String?, options: LoginOptions?) async throws -> EnchantedLinkResponse {
+        try await post("auth/enchantedlink/signup-in/email", headers: authorization(with: refreshJwt), body: [
             "loginId": loginId,
-            "uri": uri,
+            "redirectUrl": redirectURL,
+            "loginOptions": options?.dictValue,
         ])
     }
 
-    func enchantedLinkUpdateEmail(_ email: String, loginId: String, uri: String?, refreshJwt: String, options: UpdateOptions) async throws -> EnchantedLinkResponse {
+    func enchantedLinkUpdateEmail(_ email: String, loginId: String, redirectURL: String?, refreshJwt: String, options: UpdateOptions) async throws -> EnchantedLinkResponse {
         return try await post("auth/enchantedlink/update/email", headers: authorization(with: refreshJwt), body: [
             "loginId": loginId,
             "email": email,
-            "uri": uri,
+            "redirectUrl": redirectURL,
             "addToLoginIDs": options.contains(.addToLoginIds),
             "onMergeUseExisting": options.contains(.onMergeUseExisting),
         ])
@@ -239,11 +246,11 @@ class DescopeClient: HTTPClient {
         var url: String
     }
 
-    func oauthStart(provider: OAuthProvider, redirectURL: String?) async throws -> OAuthResponse {
-        return try await post("auth/oauth/authorize", params: [
+    func oauthStart(provider: OAuthProvider, redirectURL: String?, refreshJwt: String?, options: LoginOptions?) async throws -> OAuthResponse {
+        return try await post("auth/oauth/authorize", headers: authorization(with: refreshJwt), params: [
             "provider": provider.rawValue,
-            "redirectURL": redirectURL,
-        ])
+            "redirectUrl": redirectURL
+        ], body: options?.dictValue ?? [:])
     }
 
     func oauthExchange(code: String) async throws -> JWTResponse {
@@ -258,11 +265,11 @@ class DescopeClient: HTTPClient {
         var url: String
     }
 
-    func ssoStart(emailOrTenantName: String, redirectURL: String?) async throws -> OAuthResponse {
-        return try await post("auth/saml/authorize", params: [
+    func ssoStart(emailOrTenantName: String, redirectURL: String?, refreshJwt: String?, options: LoginOptions?) async throws -> OAuthResponse {
+        return try await post("auth/saml/authorize", headers: authorization(with: refreshJwt), params: [
             "tenant": emailOrTenantName,
-            "redirectURL": redirectURL,
-        ])
+            "redirectUrl": redirectURL
+        ], body: options?.dictValue ?? [:])
     }
 
     func ssoExchange(code: String) async throws -> JWTResponse {
@@ -340,6 +347,20 @@ class DescopeClient: HTTPClient {
         var maskedPhone: String?
     }
 
+    struct LoginOptions {
+        var stepup: Bool = false
+        var mfa: Bool = false
+        var customClaims: [String: Any] = [:]
+
+        var dictValue: [String: Any?] {
+            return [
+                "stepup": stepup ? true : nil,
+                "mfa": mfa ? true : nil,
+                "customClaims": customClaims.isEmpty ? nil : customClaims,
+            ]
+        }
+    }
+
     // MARK: - Internal
 
     override var basePath: String {
@@ -358,7 +379,8 @@ class DescopeClient: HTTPClient {
         return DescopeError(errorResponse: data)
     }
 
-    private func authorization(with value: String) -> [String: String] {
+    private func authorization(with value: String?) -> [String: String] {
+        guard let value else { return [:] }
         return ["Authorization": "Bearer \(config.projectId):\(value)"]
     }
 }

diff --git a/src/internal/others/Deprecated.swift b/src/internal/others/Deprecated.swift
@@ -12,3 +12,60 @@ public typealias User = SignUpDetails
 /// See the documentation for `PasswordPolicyResponse`.
 @available(*, unavailable, renamed: "PasswordPolicyResponse")
 public typealias PasswordPolicy = PasswordPolicyResponse
+
+public extension DescopeOTP {
+    @available(*, deprecated, message: "Pass a value (or an empty array) for the options parameter")
+    func signIn(with method: DeliveryMethod, loginId: String) async throws -> String {
+        return try await signIn(with: method, loginId: loginId, options: [])
+    }
+
+    @available(*, deprecated, message: "Pass a value (or an empty array) for the options parameter")
+    func signUpOrIn(with method: DeliveryMethod, loginId: String) async throws -> String {
+        return try await signUpOrIn(with: method, loginId: loginId, options: [])
+    }
+}
+
+public extension DescopeTOTP {
+    @available(*, deprecated, message: "Pass a value (or an empty array) for the options parameter")
+    func verify(loginId: String, code: String) async throws -> AuthenticationResponse {
+        return try await verify(loginId: loginId, code: code, options: [])
+    }
+}
+
+public extension DescopeMagicLink {
+    @available(*, deprecated, message: "Pass a value (or an empty array) for the options parameter")
+    func signIn(with method: DeliveryMethod, loginId: String, redirectURL: String?) async throws -> String {
+        return try await signIn(with: method, loginId: loginId, redirectURL: redirectURL, options: [])
+    }
+
+    @available(*, deprecated, message: "Pass a value (or an empty array) for the options parameter")
+    func signUpOrIn(with method: DeliveryMethod, loginId: String, redirectURL: String?) async throws -> String {
+        return try await signUpOrIn(with: method, loginId: loginId, redirectURL: redirectURL, options: [])
+    }
+}
+
+public extension DescopeEnchantedLink {
+    @available(*, deprecated, message: "Pass a value (or an empty array) for the options parameter")
+    func signIn(loginId: String, redirectURL: String?) async throws -> EnchantedLinkResponse {
+        return try await signIn(loginId: loginId, redirectURL: redirectURL, options: [])
+    }
+
+    @available(*, deprecated, message: "Pass a value (or an empty array) for the options parameter")
+    func signUpOrIn(loginId: String, redirectURL: String?) async throws -> EnchantedLinkResponse {
+        return try await signUpOrIn(loginId: loginId, redirectURL: redirectURL, options: [])
+    }
+}
+
+public extension DescopeOAuth {
+    @available(*, deprecated, message: "Pass a value (or an empty array) for the options parameter")
+    func start(provider: OAuthProvider, redirectURL: String?) async throws -> String {
+        return try await start(provider: provider, redirectURL: redirectURL, options: [])
+    }
+}
+
+public extension DescopeSSO {
+    @available(*, deprecated, message: "Pass a value (or an empty array) for the options parameter")
+    func start(emailOrTenantName: String, redirectURL: String?) async throws -> String {
+        return try await start(emailOrTenantName: emailOrTenantName, redirectURL: redirectURL, options: [])
+    }
+}
diff --git a/src/internal/routes/EnchantedLink.swift b/src/internal/routes/EnchantedLink.swift
@@ -10,20 +10,22 @@ class EnchantedLink: Route, DescopeEnchantedLink {
         self.client = client
     }
 
-    func signUp(loginId: String, details: SignUpDetails?, uri: String?) async throws -> EnchantedLinkResponse {
-        return try await client.enchantedLinkSignUp(loginId: loginId, details: details, uri: uri).convert()
+    func signUp(loginId: String, details: SignUpDetails?, redirectURL: String?) async throws -> EnchantedLinkResponse {
+        return try await client.enchantedLinkSignUp(loginId: loginId, details: details, redirectURL: redirectURL).convert()
     }
 
-    func signIn(loginId: String, uri: String?) async throws -> EnchantedLinkResponse {
-        return try await client.enchantedLinkSignIn(loginId: loginId, uri: uri).convert()
+    func signIn(loginId: String, redirectURL: String?, options: [SignInOptions]) async throws -> EnchantedLinkResponse {
+        let (refreshJwt, loginOptions) = try options.convert()
+        return try await client.enchantedLinkSignIn(loginId: loginId, redirectURL: redirectURL, refreshJwt: refreshJwt, options: loginOptions).convert()
     }
 
-    func signUpOrIn(loginId: String, uri: String?) async throws -> EnchantedLinkResponse {
-        return try await client.enchantedLinkSignUpOrIn(loginId: loginId, uri: uri).convert()
+    func signUpOrIn(loginId: String, redirectURL: String?, options: [SignInOptions]) async throws -> EnchantedLinkResponse {
+        let (refreshJwt, loginOptions) = try options.convert()
+        return try await client.enchantedLinkSignUpOrIn(loginId: loginId, redirectURL: redirectURL, refreshJwt: refreshJwt, options: loginOptions).convert()
     }
 
-    func updateEmail(_ email: String, loginId: String, uri: String?, refreshJwt: String, options: UpdateOptions) async throws -> EnchantedLinkResponse {
-        return try await client.enchantedLinkUpdateEmail(email, loginId: loginId, uri: uri, refreshJwt: refreshJwt, options: options).convert()
+    func updateEmail(_ email: String, loginId: String, redirectURL: String?, refreshJwt: String, options: UpdateOptions) async throws -> EnchantedLinkResponse {
+        return try await client.enchantedLinkUpdateEmail(email, loginId: loginId, redirectURL: redirectURL, refreshJwt: refreshJwt, options: options).convert()
     }
 
     func checkForSession(pendingRef: String) async throws -> AuthenticationResponse {

diff --git a/src/internal/routes/MagicLink.swift b/src/internal/routes/MagicLink.swift
@@ -8,24 +8,26 @@ class MagicLink: DescopeMagicLink {
         self.client = client
     }
 
-    func signUp(with method: DeliveryMethod, loginId: String, details: SignUpDetails?, uri: String?) async throws -> String {
-        return try await client.magicLinkSignUp(with: method, loginId: loginId, details: details, uri: uri).convert(method: method)
+    func signUp(with method: DeliveryMethod, loginId: String, details: SignUpDetails?, redirectURL: String?) async throws -> String {
+        return try await client.magicLinkSignUp(with: method, loginId: loginId, details: details, redirectURL: redirectURL).convert(method: method)
     }
 
-    func signIn(with method: DeliveryMethod, loginId: String, uri: String?) async throws -> String {
-        return try await client.magicLinkSignIn(with: method, loginId: loginId, uri: uri).convert(method: method)
+    func signIn(with method: DeliveryMethod, loginId: String, redirectURL: String?, options: [SignInOptions]) async throws -> String {
+        let (refreshJwt, loginOptions) = try options.convert()
+        return try await client.magicLinkSignIn(with: method, loginId: loginId, redirectURL: redirectURL, refreshJwt: refreshJwt, options: loginOptions).convert(method: method)
     }
 
-    func signUpOrIn(with method: DeliveryMethod, loginId: String, uri: String?) async throws -> String {
-        return try await client.magicLinkSignUpOrIn(with: method, loginId: loginId, uri: uri).convert(method: method)
+    func signUpOrIn(with method: DeliveryMethod, loginId: String, redirectURL: String?, options: [SignInOptions]) async throws -> String {
+        let (refreshJwt, loginOptions) = try options.convert()
+        return try await client.magicLinkSignUpOrIn(with: method, loginId: loginId, redirectURL: redirectURL, refreshJwt: refreshJwt, options: loginOptions).convert(method: method)
     }
 
-    func updateEmail(_ email: String, loginId: String, uri: String?, refreshJwt: String, options: UpdateOptions) async throws -> String {
-        return try await client.magicLinkUpdateEmail(email, loginId: loginId, uri: uri, refreshJwt: refreshJwt, options: options).convert(method: .email)
+    func updateEmail(_ email: String, loginId: String, redirectURL: String?, refreshJwt: String, options: UpdateOptions) async throws -> String {
+        return try await client.magicLinkUpdateEmail(email, loginId: loginId, redirectURL: redirectURL, refreshJwt: refreshJwt, options: options).convert(method: .email)
     }
 
-    func updatePhone(_ phone: String, with method: DeliveryMethod, loginId: String, uri: String?, refreshJwt: String, options: UpdateOptions) async throws -> String {
-        return try await client.magicLinkUpdatePhone(phone, with: method, loginId: loginId, uri: uri, refreshJwt: refreshJwt, options: options).convert(method: method)
+    func updatePhone(_ phone: String, with method: DeliveryMethod, loginId: String, redirectURL: String?, refreshJwt: String, options: UpdateOptions) async throws -> String {
+        return try await client.magicLinkUpdatePhone(phone, with: method, loginId: loginId, redirectURL: redirectURL, refreshJwt: refreshJwt, options: options).convert(method: method)
     }
 
     func verify(token: String) async throws -> AuthenticationResponse {

diff --git a/src/internal/routes/OAuth.swift b/src/internal/routes/OAuth.swift
@@ -6,8 +6,10 @@ class OAuth: DescopeOAuth {
         self.client = client
     }
 
-    func start(provider: OAuthProvider, redirectURL: String?) async throws -> String {
-        return try await client.oauthStart(provider: provider, redirectURL: redirectURL).url
+    func start(provider: OAuthProvider, redirectURL: String?, options: [SignInOptions]) async throws -> String {
+        let (refreshJwt, loginOptions) = try options.convert()
+        let response = try await client.oauthStart(provider: provider, redirectURL: redirectURL, refreshJwt: refreshJwt, options: loginOptions)
+        return response.url
     }
 
     func exchange(code: String) async throws -> AuthenticationResponse {