From 65d53e3597f3a1f75108fa60597af08b038684ac Mon Sep 17 00:00:00 2001
From: James Harton <59449+jimsynz@users.noreply.github.com>
Date: Tue, 15 Nov 2022 14:32:36 +1300
Subject: [PATCH] improvement(OAuth2Authentication)!: Make the `site` option runtime configurable. (#31)
---
 .../oauth2_authentication.ex | 20 +++++++++++++++----
 .../oauth2_authentication/info.ex | 2 +-
 test/support/example/user_with_username.ex | 2 +-
 3 files changed, 18 insertions(+), 6 deletions(-)
diff --git a/lib/ash_authentication/oauth2_authentication.ex b/lib/ash_authentication/oauth2_authentication.ex
index 8b8d5cf..ec13c6b 100644
--- a/lib/ash_authentication/oauth2_authentication.ex
+++ b/lib/ash_authentication/oauth2_authentication.ex
@@ -31,8 +31,18 @@ defmodule AshAuthentication.OAuth2Authentication do
 required: true
 ],
 site: [
- type: :string,
- doc: "The base URL of the OAuth2 server.",
+ type:
+ {:spark_function_behaviour, AshAuthentication.Secret,
+ {AshAuthentication.SecretFunction, 3}},
+ doc: """
+ The base URL of the OAuth2 server.
+
+ Takes either a 2..3 arity anonymous function, or a module which
+ implements the `AshAuthentication.Secret` behaviour.
+
+ See the module documentation for `AshAuthentication.Secret` for more
+ information.
+ """,
 required: true
 ],
 auth_method: [
@@ -243,10 +253,12 @@ defmodule AshAuthentication.OAuth2Authentication do
 Application.fetch_env(:my_app, :oauth2_client_secret)
 end
- site "https://auth.example.com"
+ site fn _, _, _ ->
+ {:ok, "https://auth.example.com"}
+ end)
 redirect_uri fn _, _, _ ->
- "https://localhost:4000/auth"
+ {:ok, "https://localhost:4000/auth"}
 end
 end
diff --git a/lib/ash_authentication/oauth2_authentication/info.ex b/lib/ash_authentication/oauth2_authentication/info.ex
index 58f0a35..6893eda 100644
--- a/lib/ash_authentication/oauth2_authentication/info.ex
+++ b/lib/ash_authentication/oauth2_authentication/info.ex
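Review bot: The new `doc` text for `site` says it takes "a 2..3 arity anonymous function", while the type tuple just above it names `{AshAuthentication.SecretFunction, 3}`, which reads as arity 3 only; the two should agree. The doc also does not say what the function must return, although the examples changed elsewhere in this commit all return `{:ok, url}`. I would add a line such as `The function must return {:ok, url}; any other value is treated as a missing secret.` after confirming the exact contract against `AshAuthentication.Secret`, which is not visible here. Because this URL decides which host receives the client secret, the doc could also state that it is expected to be an absolute `https` URL.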
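Review bot: The added `site` example closes with `end)` although the call is opened without a parenthesis (`site fn _, _, _ ->`), so the snippet does not parse when copied into a resource. The closing line should be plain `end`, matching the `redirect_uri` example directly below it. The example block starts and ends outside this hunk, so the surrounding DSL section is not visible.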
@@ -23,7 +23,7 @@ defmodule AshAuthentication.OAuth2Authentication.Info do
 AshAuthentication.Info.tokens_signing_algorithm(resource),
 {:ok, authorization_params} <- authorization_params(resource),
 {:ok, redirect_uri} <- fetch_secret(resource, :redirect_uri),
- {:ok, site} <- site(resource),
+ {:ok, site} <- fetch_secret(resource, :site),
 {:ok, authorize_path} <- authorize_path(resource),
 {:ok, token_path} <- token_path(resource),
 {:ok, user_path} <- user_path(resource) do
diff --git a/test/support/example/user_with_username.ex b/test/support/example/user_with_username.ex
index bfc070f..6ccbaae 100644
--- a/test/support/example/user_with_username.ex
+++ b/test/support/example/user_with_username.ex
@@ -113,7 +113,7 @@ defmodule Example.UserWithUsername do
 client_id(fn _, _, _ -> {:ok, "made up"} end)
 redirect_uri(fn _, _, _ -> {:ok, "http://localhost:4000/auth"} end)
 client_secret(fn _, _, _ -> {:ok, "also made up"} end)
- site("https://example.com")
+ site(fn _, _, _ -> {:ok, "https://example.com"} end)
 authorization_params(scope: "openid profile email")
 auth_method(:client_secret_post)
 identity_resource(Example.UserIdentity)
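Review bot: The `site` value returned by `fetch_secret(resource, :site)` is bound and used with no check visible in this hunk, and it is now resolved at runtime rather than fixed at compile time. Since this is the host that receives the client secret and the authorization code, an empty, relative or non-`https` value from the environment should be rejected here instead of surfacing later as a failed or misdirected request. One option is an extra step right after the fetch, `{:ok, site} <- validate_site(site),`, where `validate_site/1` is a new private helper (the name is only a suggestion) that runs `URI.parse/1` and returns `{:error, reason}` unless the scheme is `https` and a host is present, with `http` perhaps allowed for localhost in development. The `with` starts above the hunk and its body continues below it, so how a non-matching return is reported to the caller is not visible.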