Dart: Auth API (draft)

main.dart

void main() async {
  final loginResult = await Auth0Client('brucke.auth0.com', 'client123').webAuthentication().login(
      audience: 'test',
      scopes: {'openid', 'profile', 'email'},
      redirectUri: 'com.auth0.samples://flutter',
      idTokenValidationConfig: IdTokenValidationConfig(leeway: 60),
      organizationId: '1234',
      useEphemeralSession: true,
      parameters: {'screen_hint': 'signup'});


  print(loginResult.userProfile);
}

class Account {
  final String domain;
  final String clientId;

  const Account(this.domain, this.clientId);
}

class Auth0Client {
  final Account account;

  Auth0Client(String domain, String clientId)
      : account = Account(domain, clientId);

  Auth0Client.withAccount(this.account);

  webAuthentication() => WebAuthentication(account);

  authenticationApi() => AuthenticationApiClient(account);
}

// Base class for results that return tokens
class CodeExchangeResult {
  final String idToken;
  final String accessToken;
  final String? refreshToken;
  final int expiresIn;
  final Set<String>? scopes;
  
  const CodeExchangeResult(
      {required this.idToken, required this.accessToken, this.refreshToken, required this.expiresIn, this.scopes });
}

// Result for successful logins that return tokens
class LoginResult extends CodeExchangeResult {
  final Map<String, String> userProfile;

  const LoginResult(
      { required String idToken,
        required String accessToken,
        String? refreshToken,
        required int expiresIn,
        Set<String>? scopes,
      required this.userProfile})
      : super(
            idToken: idToken,
            accessToken: accessToken,
            refreshToken: refreshToken,
            expiresIn: expiresIn,
            scopes: scopes);
}

// Captures configuration for ID token validation
class IdTokenValidationConfig {
  final String? issuer;
  final int? leeway;
  final int? maxAge;

  IdTokenValidationConfig({this.issuer, this.leeway, this.maxAge});
}

// API for using Universal Login
class WebAuthentication {
  final Account account;

  WebAuthentication(this.account);

  Future<LoginResult> login(
      {String? audience,
      String? issuer,
      Set<String>? scopes,
      String? redirectUri,
      String? organizationId,
      String? invitationUrl,
      IdTokenValidationConfig? idTokenValidationConfig,
      bool useEphemeralSession = false,
      Map<String, String>? parameters}) {
    // async login business here

    // Can return an error:
//  return Future.value(LoginErrorResult('Login failed'));

    // Or a successful result
    return Future.value(LoginResult(
        idToken: 'token',
        accessToken: 'token',
        expiresIn: 86400,
        userProfile: {'sub': 'auth0|123'}));
  }

  logout({String? returnTo}) {
    // ..
  }
}

// API for Auth0 authentication API
class AuthenticationApiClient {
  final Account account;

  AuthenticationApiClient(this.account);

  Future<CodeExchangeResult> codeExchange(String code) {
    // Exchange the code ..

    return Future.value(
        CodeExchangeResult(idToken: 'id token', accessToken: 'access token', expiresIn: 86400));
  }

  Future login ({ required String username, required String password }) => Future.value();
  Future createUser() => Future.value();
  Future userProfile() => Future.value();
  Future renewCredentials() => Future.value();
  Future resetPassword() => Future.value();
}