From c778e8329c2b694a1e9231c3babd4489e6a4667e Mon Sep 17 00:00:00 2001
From: Thomas Hipp <thomashipp@gmail.com>
Date: Mon, 3 Apr 2023 14:40:29 +0200
Subject: [PATCH] feat: Allow modifying request to device authorization
 endpoint (#356)

* feat: Allow modifying request to device authorization endpoint

This change enables the caller to set URL parameters when calling the
device authorization endpoint.

Fixes #354

* Update device authorization example
---
 example/client/device/device.go | 2 +-
 pkg/client/client.go            | 4 ++--
 pkg/client/rp/device.go         | 4 ++--
 3 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/example/client/device/device.go b/example/client/device/device.go
index c186b34..bea6134 100644
--- a/example/client/device/device.go
+++ b/example/client/device/device.go
@@ -45,7 +45,7 @@ func main() {
 	}
 
 	logrus.Info("starting device authorization flow")
-	resp, err := rp.DeviceAuthorization(ctx, scopes, provider)
+	resp, err := rp.DeviceAuthorization(ctx, scopes, provider, nil)
 	if err != nil {
 		logrus.Fatal(err)
 	}
diff --git a/pkg/client/client.go b/pkg/client/client.go
index b9580ff..37c7ec2 100644
--- a/pkg/client/client.go
+++ b/pkg/client/client.go
@@ -186,8 +186,8 @@ type DeviceAuthorizationCaller interface {
 	HttpClient() *http.Client
 }
 
-func CallDeviceAuthorizationEndpoint(ctx context.Context, request *oidc.ClientCredentialsRequest, caller DeviceAuthorizationCaller) (*oidc.DeviceAuthorizationResponse, error) {
-	req, err := httphelper.FormRequest(ctx, caller.GetDeviceAuthorizationEndpoint(), request, Encoder, nil)
+func CallDeviceAuthorizationEndpoint(ctx context.Context, request *oidc.ClientCredentialsRequest, caller DeviceAuthorizationCaller, authFn any) (*oidc.DeviceAuthorizationResponse, error) {
+	req, err := httphelper.FormRequest(ctx, caller.GetDeviceAuthorizationEndpoint(), request, Encoder, authFn)
 	if err != nil {
 		return nil, err
 	}
diff --git a/pkg/client/rp/device.go b/pkg/client/rp/device.go
index b2c5be6..788e23e 100644
--- a/pkg/client/rp/device.go
+++ b/pkg/client/rp/device.go
@@ -33,13 +33,13 @@ func newDeviceClientCredentialsRequest(scopes []string, rp RelyingParty) (*oidc.
 // DeviceAuthorization starts a new Device Authorization flow as defined
 // in RFC 8628, section 3.1 and 3.2:
 // https://www.rfc-editor.org/rfc/rfc8628#section-3.1
-func DeviceAuthorization(ctx context.Context, scopes []string, rp RelyingParty) (*oidc.DeviceAuthorizationResponse, error) {
+func DeviceAuthorization(ctx context.Context, scopes []string, rp RelyingParty, authFn any) (*oidc.DeviceAuthorizationResponse, error) {
 	req, err := newDeviceClientCredentialsRequest(scopes, rp)
 	if err != nil {
 		return nil, err
 	}
 
-	return client.CallDeviceAuthorizationEndpoint(ctx, req, rp)
+	return client.CallDeviceAuthorizationEndpoint(ctx, req, rp, authFn)
 }
 
 // DeviceAccessToken attempts to obtain tokens from a Device Authorization,