Add prompt option to creating authorization urls (#383)

* Add prompt option to creating authorization urls * Add test * Update doc string to be more specific about usage --------- Co-authored-by: Michael Hadley <[email protected]>
workos · Nov 22, 2024 · 079586f · 079586f
1 parent f05a0ec
commit 079586f
Show file tree

Hide file tree

Showing 2 changed files with 26 additions and 0 deletions.
diff --git a/tests/test_user_management.py b/tests/test_user_management.py
@@ -212,6 +212,26 @@ def test_authorization_url_has_expected_query_params_with_provider(self):
             "response_type": RESPONSE_TYPE_CODE,
         }
 
+    def test_authorization_url_has_expected_query_params_with_prompt(self):
+        provider = "GoogleOAuth"
+        redirect_uri = "https://localhost/auth/callback"
+        prompt = "consent"
+        authorization_url = self.user_management.get_authorization_url(
+            provider=provider,
+            redirect_uri=redirect_uri,
+            prompt=prompt,
+        )
+
+        parsed_url = urlparse(authorization_url)
+        assert parsed_url.path == "/user_management/authorize"
+        assert dict(parse_qsl(str(parsed_url.query))) == {
+            "client_id": self.http_client.client_id,
+            "redirect_uri": redirect_uri,
+            "response_type": RESPONSE_TYPE_CODE,
+            "provider": provider,
+            "prompt": prompt,
+        }
+
     def test_authorization_url_has_expected_query_params_with_domain_hint(self):
         connection_id = "connection_123"
         redirect_uri = "https://localhost/auth/callback"

diff --git a/workos/user_management.py b/workos/user_management.py
@@ -325,6 +325,7 @@ def get_authorization_url(
         connection_id: Optional[str] = None,
         organization_id: Optional[str] = None,
         code_challenge: Optional[str] = None,
+        prompt: Optional[str] = None,
     ) -> str:
         """Generate an OAuth 2.0 authorization URL.
 
@@ -349,6 +350,9 @@ def get_authorization_url(
             state (str): An encoded string passed to WorkOS that'd be preserved through the authentication workflow, passed
                 back as a query parameter. (Optional)
             code_challenge (str): Code challenge is derived from the code verifier used for the PKCE flow. (Optional)
+            prompt (str): Used to specify whether the upstream provider should prompt the user for credentials or other
+                consent. Valid values depend on the provider. Currently only applies to provider values of 'GoogleOAuth',
+                'MicrosoftOAuth', or 'GitHubOAuth'. (Optional)
 
         Returns:
             str: URL to redirect a User to to begin the OAuth workflow with WorkOS
@@ -379,6 +383,8 @@ def get_authorization_url(
         if code_challenge:
             params["code_challenge"] = code_challenge
             params["code_challenge_method"] = "S256"
+        if prompt is not None:
+            params["prompt"] = prompt
 
         return RequestHelper.build_url_with_query_params(
             base_url=self._client_configuration.base_url,