pagopa · mastro993 · Apr 2, 2025 · Apr 1, 2025 · Apr 1, 2025
@@ -49,7 +49,7 @@ export type BuildAuthorizationUrl = (
   issuerRequestUri: Out<StartUserAuthorization>["issuerRequestUri"],
   clientId: Out<StartUserAuthorization>["clientId"],
   issuerConf: Out<EvaluateIssuerTrust>["issuerConf"],
-  idpHint: string
+  idpHint?: string
 ) => Promise<{
   authUrl: string;
 }>;
@@ -60,7 +60,7 @@ export type BuildAuthorizationUrl = (
  * @param issuerRequestUri the URI of the issuer where the request is sent
  * @param clientId Identifies the current client across all the requests of the issuing flow returned by {@link startUserAuthorization}
  * @param issuerConf The issuer configuration returned by {@link evaluateIssuerTrust}
- * @param idpHint Unique identifier of the IDP selected by the user
+ * @param idpHint Unique identifier of the IDP selected by the user (optional)
  * @returns An object containing the authorization URL
  */
 export const buildAuthorizationUrl: BuildAuthorizationUrl = async (
@@ -75,9 +75,12 @@ export const buildAuthorizationUrl: BuildAuthorizationUrl = async (
   const params = new URLSearchParams({
     client_id: clientId,
     request_uri: issuerRequestUri,
-    idphint: idpHint,
   });
 
+  if (idpHint) {
+    params.append("idphint", idpHint);
+  }
+
   const authUrl = `${authzRequestEndpoint}?${params}`;
 
   return { authUrl };

@@ -1,5 +1,10 @@
 import { AuthorizationError, AuthorizationIdpError } from "../errors";
-import { completeUserAuthorizationWithQueryMode } from "../04-complete-user-authorization";
+import {
+  buildAuthorizationUrl,
+  completeUserAuthorizationWithQueryMode,
+} from "../04-complete-user-authorization";
+import type { Out } from "src/utils/misc";
+import type { EvaluateIssuerTrust } from "src/credential/status";
 
 describe("authorizeUserWithQueryMode", () => {
   it("should return the authorization result when the authorization server responds with a valid response", async () => {
@@ -45,3 +50,40 @@ describe("authorizeUserWithQueryMode", () => {
     }
   });
 });
+
+describe("buildAuthorizationUrl", () => {
+  it("should build the authorization URL", async () => {
+    const authUrl = await buildAuthorizationUrl(
+      "issuerRequestUri",
+      "clientId",
+      {
+        oauth_authorization_server: {
+          authorization_endpoint: "https://issuer.com/authorize",
+        },
+      } as Out<EvaluateIssuerTrust>["issuerConf"],
+      "idpHint"
+    );
+
+    expect(authUrl).toMatchObject({
+      authUrl:
+        "https://issuer.com/authorize?client_id=clientId&request_uri=issuerRequestUri&idphint=idpHint",
+    });
+  });
+
+  it("should build the authorization URL without idpHint", async () => {
+    const authUrl = await buildAuthorizationUrl(
+      "issuerRequestUri",
+      "clientId",
+      {
+        oauth_authorization_server: {
+          authorization_endpoint: "https://issuer.com/authorize",
+        },
+      } as Out<EvaluateIssuerTrust>["issuerConf"]
+    );
+
+    expect(authUrl).toMatchObject({
+      authUrl:
+        "https://issuer.com/authorize?client_id=clientId&request_uri=issuerRequestUri",
+    });
+  });
+});