Support x_authentication_flow_group

example/capacitor/src/pages/Home.tsx

@@ -99,6 +99,7 @@ function AuthgearDemo() {
   const [endpoint, setEndpoint] = useState(() => {
     return readEndpoint();
   });
+  const [authenticationFlowGroup, setAuthenticationFlowGroup] = useState("");
   const [page, setPage] = useState("");
   const [colorScheme, setColorScheme] = useState("");
   const [useTransientTokenStorage, setUseTransientTokenStorage] =
@@ -252,6 +253,7 @@ function AuthgearDemo() {
           colorScheme:
             colorScheme === "" ? undefined : (colorScheme as ColorScheme),
           page: page === "" ? undefined : page,
+          authenticationFlowGroup,
         });
         showUserInfo(result.userInfo);
       }
@@ -261,7 +263,14 @@ function AuthgearDemo() {
       setLoading(false);
       await updateBiometricState();
     }
-  }, [colorScheme, page, showError, showUserInfo, updateBiometricState]);
+  }, [
+    authenticationFlowGroup,
+    colorScheme,
+    page,
+    showError,
+    showUserInfo,
+    updateBiometricState,
+  ]);
 
   const enableBiometric = useCallback(async () => {
     setLoading(true);
@@ -329,6 +338,7 @@ function AuthgearDemo() {
 
         authgearWeb.startReauthentication({
           redirectURI: REDIRECT_URI_WEB_REAUTH,
+          authenticationFlowGroup,
         });
       } else {
         await authgearCapacitor.refreshIDToken();
@@ -350,7 +360,7 @@ function AuthgearDemo() {
     } finally {
       setLoading(false);
     }
-  }, [showError, colorScheme, showAuthTime]);
+  }, [authenticationFlowGroup, showError, colorScheme, showAuthTime]);
 
   const reauthenticate = useCallback(async () => {
     setLoading(true);
@@ -365,6 +375,7 @@ function AuthgearDemo() {
 
         authgearWeb.startReauthentication({
           redirectURI: REDIRECT_URI_WEB_REAUTH,
+          authenticationFlowGroup,
         });
       } else {
         await authgearCapacitor.refreshIDToken();
@@ -389,7 +400,7 @@ function AuthgearDemo() {
     } finally {
       setLoading(false);
     }
-  }, [showError, colorScheme, showAuthTime]);
+  }, [authenticationFlowGroup, showError, colorScheme, showAuthTime]);
 
   const openSettings = useCallback(async () => {
     if (isPlatformWeb()) {
@@ -674,6 +685,12 @@ function AuthgearDemo() {
           onIonInput={onChangeEndpoint}
           value={endpoint}
         />
+        <IonInput
+          type="text"
+          label="Authentication Flow Group"
+          placeholder="Enter Authentication Flow Group"
+          onIonInput={(e) => setAuthenticationFlowGroup(e.detail.value!)}
+        />
         <IonSelect label="Page" value={page} onIonChange={onChangePage}>
           <IonSelectOption value="">Unset</IonSelectOption>
           <IonSelectOption value="login">Login</IonSelectOption>

example/reactnative/src/screens/MainScreen.tsx

@@ -150,6 +150,7 @@ const HomeScreen: React.FC = () => {
   const [loading, setLoading] = useState(false);
   const [clientID, setClientID] = useState('');
   const [endpoint, setEndpoint] = useState('');
+  const [authenticationFlowGroup, setAuthenticationflowGroup] = useState('');
   const [page, setPage] = useState('');
   const [explicitColorScheme, setExplicitColorScheme] =
     useState<ColorScheme | null>(null);
@@ -400,6 +401,7 @@ const HomeScreen: React.FC = () => {
         wechatRedirectURI,
         colorScheme: colorScheme as ColorScheme,
         page,
+        authenticationFlowGroup,
       })
       .then(({userInfo}) => {
         setUserInfo(userInfo);
@@ -412,7 +414,14 @@ const HomeScreen: React.FC = () => {
         setLoading(false);
         updateBiometricState();
       });
-  }, [page, updateBiometricState, showError, showUser, colorScheme]);
+  }, [
+    page,
+    authenticationFlowGroup,
+    updateBiometricState,
+    showError,
+    showUser,
+    colorScheme,
+  ]);
 
   const loginAnonymously = useCallback(() => {
     setLoading(true);
@@ -464,6 +473,7 @@ const HomeScreen: React.FC = () => {
           redirectURI,
           colorScheme: colorScheme as ColorScheme,
           wechatRedirectURI,
+          authenticationFlowGroup,
         },
         biometricOptions,
       );
@@ -480,7 +490,7 @@ const HomeScreen: React.FC = () => {
       .finally(() => {
         setLoading(false);
       });
-  }, [showError, showUser, colorScheme]);
+  }, [authenticationFlowGroup, showError, showUser, colorScheme]);
 
   const reauthenticateWebOnly = useCallback(() => {
     async function task() {
@@ -495,6 +505,7 @@ const HomeScreen: React.FC = () => {
         redirectURI,
         colorScheme: colorScheme as ColorScheme,
         wechatRedirectURI,
+        authenticationFlowGroup,
       });
 
       setUserInfo(userInfo);
@@ -509,7 +520,7 @@ const HomeScreen: React.FC = () => {
       .finally(() => {
         setLoading(false);
       });
-  }, [showError, showUser, colorScheme]);
+  }, [authenticationFlowGroup, showError, showUser, colorScheme]);
 
   const enableBiometric = useCallback(() => {
     setLoading(true);
@@ -636,6 +647,17 @@ const HomeScreen: React.FC = () => {
             placeholder="Enter endpoint"
           />
         </View>
+        <View style={styles.input}>
+          <Text style={styles.inputLabel}>Authentication Flow Group</Text>
+          <TextInput
+            style={styles.inputField}
+            value={authenticationFlowGroup}
+            onChangeText={setAuthenticationflowGroup}
+            autoCapitalize="none"
+            autoCorrect={false}
+            placeholder="Enter flow group"
+          />
+        </View>
         <View style={styles.input}>
           <Text style={styles.inputLabel}>Page</Text>
           <RadioGroup

example/reactweb/src/App.tsx

@@ -90,6 +90,8 @@ function Root() {
   const [clientID, setClientID] = useState(initialClientID);
   const [endpoint, setEndpoint] = useState(initialEndpoint);
   const [isSSOEnabled, setIsSSOEnabled] = useState(initialIsSSOEnabled);
+  const [page, setPage] = useState<string>();
+  const [authenticationFlowGroup, setAuthenticationflowGroup] = useState<string>("");
 
   const [error, setError] = useState<unknown>(null);
   const [userInfo, setUserInfo] = useState<UserInfo | null>(null);
@@ -213,12 +215,14 @@ function Root() {
       .startAuthentication({
         redirectURI: makeRedirectURI(),
         state: "authenticate",
+        page,
+        authenticationFlowGroup,
       })
       .then(
         () => {},
         (err) => setError(err)
       );
-  }, []);
+  }, [page, authenticationFlowGroup]);
 
   const onClickSignInAnonymously = useCallback(
     (e: React.MouseEvent<HTMLElement>) => {
@@ -284,6 +288,7 @@ function Root() {
               .startReauthentication({
                 redirectURI: makeRedirectURI(),
                 state: "reauthenticate",
+                authenticationFlowGroup,
               })
               .then(
                 () => {},
@@ -300,7 +305,7 @@ function Root() {
         (err) => setError(err)
       );
     },
-    []
+    [authenticationFlowGroup]
   );
 
   const onClickPromoteAnonymousUser = useCallback(
@@ -382,6 +387,28 @@ function Root() {
           onChange={onChangeEndpoint}
         />
       </label>
+      <label className="label">
+        Authentication Flow Group
+        <input
+          className="input"
+          type="text"
+          placeholder="Enter Flow Group"
+          value={authenticationFlowGroup}
+          onChange={(e) => setAuthenticationflowGroup(e.currentTarget.value)}
+        />
+      </label>
+      <label className="label">
+        Page
+        <select
+          className="input"
+          value={page}
+          onChange={(e) => setPage(e.currentTarget.value)}
+        >
+          <option value={undefined}>Unset</option>
+          <option value="signup">Signup</option>
+          <option value="login">Login</option>
+        </select>
+      </label>
       <label className="label">
         Is SSO Enabled
         <input

packages/authgear-capacitor/src/types.ts

@@ -89,6 +89,10 @@ export interface AuthenticateOptions {
    * then set oauthProviderAlias to "google".
    */
   oauthProviderAlias?: string;
+  /**
+   * Authentication flow group
+   */
+  authenticationFlowGroup?: string;
 }
 
 /**
@@ -126,6 +130,11 @@ export interface ReauthenticateOptions {
    * OIDC max_age
    */
   maxAge?: number;
+
+  /**
+   * Authentication flow group
+   */
+  authenticationFlowGroup?: string;
 }
 
 /**

packages/authgear-core/src/container.ts

@@ -416,6 +416,9 @@ export class _BaseContainer<T extends _BaseAPIClient> {
       query.append("x_suppress_idp_session_cookie", "true");
     }
     query.append("x_sso_enabled", this.isSSOEnabled ? "true" : "false");
+    if (options.authenticationFlowGroup != null) {
+      query.append("x_authentication_flow_group", options.authenticationFlowGroup);
+    }
 
     return `${config.authorization_endpoint}?${query.toString()}`;
   }

packages/authgear-core/src/types.ts

@@ -89,6 +89,7 @@ export interface _OIDCAuthenticationRequest {
   suppressIDPSessionCookie?: boolean;
   oauthProviderAlias?: string;
   xSettingsAction?: "change_password";
+  authenticationFlowGroup?: string;
 }
 
 /**

packages/authgear-react-native/src/types.ts

@@ -106,6 +106,10 @@ export interface AuthenticateOptions {
    * then set oauthProviderAlias to "google".
    */
   oauthProviderAlias?: string;
+  /**
+   * Authentication flow group
+   */
+  authenticationFlowGroup?: string;
 }
 
 /**
@@ -145,6 +149,11 @@ export interface ReauthenticateOptions {
    * OIDC max_age
    */
   maxAge?: number;
+
+  /**
+   * Authentication flow group
+   */
+  authenticationFlowGroup?: string;
 }
 
 /**

packages/authgear-web/src/types.ts

@@ -54,6 +54,10 @@ export interface ReauthenticateOptions {
    * OIDC max_age
    */
   maxAge?: number;
+  /**
+   * Authentication flow group
+   */
+  authenticationFlowGroup?: string;
 }
 
 /**
@@ -117,6 +121,10 @@ export interface AuthenticateOptions {
    * then set oauthProviderAlias to "google".
    */
   oauthProviderAlias?: string;
+  /**
+   * Authentication flow group
+   */
+  authenticationFlowGroup?: string;
 }
 
 /**