feat(#479): set returnUrl in requests

Author: Zonnex

src/ActiveLogin.Authentication.BankId.Api/BankIdAppApiClientExtensions.cs

@@ -6,7 +6,7 @@ namespace ActiveLogin.Authentication.BankId.Api;
 /// Extensions to enable easier access to common api scenarios.
 /// </summary>
 public static class BankIdAppApiClientExtensions
-{
+{
     /// <summary></summary>
     /// <param name="appApiClient">The <see cref="IBankIdAppApiClient"/> instance.</param>
     /// <param name="endUserIp">
@@ -27,21 +27,26 @@ public static class BankIdAppApiClientExtensions
     /// <param name="userVisibleDataFormat">
     /// If present, and set to "simpleMarkdownV1", this parameter indicates that userVisibleData holds formatting characters which, if used correctly, will make the text displayed with the user nicer to look at.
     /// For further information of formatting options, please study the document Guidelines for Formatted Text.
+    /// </param>
+    /// <param name="returnUrl">
+    /// If present the user will be redirected to this URL when the order is completed. Any return URL provided in the start URL when the BankID app was launched will be ignored.
     /// </param>
     public static Task<AuthResponse> AuthAsync(
         this IBankIdAppApiClient appApiClient,
         string endUserIp,
         Requirement? requirement = null,
         string? userVisibleData = null,
         byte[]? userNonVisibleData = null,
-        string? userVisibleDataFormat = null)
+        string? userVisibleDataFormat = null,
+        string? returnUrl = null)
     {
         return appApiClient.AuthAsync(new(
             endUserIp,
             userVisibleData: userVisibleData,
             userNonVisibleData: userNonVisibleData,
             requirement: requirement,
-            userVisibleDataFormat: userVisibleDataFormat));
+            userVisibleDataFormat: userVisibleDataFormat,
+            returnUrl: returnUrl));
     }
 
     /// <summary>
@@ -81,8 +86,8 @@ public static Task<AuthResponse> AuthAsync(this IBankIdAppApiClient appApiClient
     public static Task<SignResponse> SignAsync(this IBankIdAppApiClient appApiClient, string endUserIp, string userVisibleData)
     {
         return appApiClient.SignAsync(new SignRequest(endUserIp, userVisibleData));
-    }
-
+    }
+
     /// <summary>
     /// Initiates an authentication order. Use the collect method to query the status of the order.
     /// </summary>
@@ -100,14 +105,18 @@ public static Task<SignResponse> SignAsync(this IBankIdAppApiClient appApiClient
     /// </param>
     /// <param name="userNonVisibleData">
     /// Data not displayed to the user.
+    /// </param>
+    /// <param name="returnUrl">
+    /// If present the user will be redirected to this URL when the order is completed. Any return URL provided in the start URL when the BankID app was launched will be ignored.
     /// </param>
     /// <returns>If the request is successful, the OrderRef and AutoStartToken is returned.</returns>
-    public static Task<SignResponse> SignAsync(this IBankIdAppApiClient appApiClient, string endUserIp, string userVisibleData, byte[] userNonVisibleData)
+    public static Task<SignResponse> SignAsync(this IBankIdAppApiClient appApiClient, string endUserIp, string userVisibleData, byte[] userNonVisibleData, string? returnUrl = null)
     {
         return appApiClient.SignAsync(new SignRequest(
             endUserIp,
             userVisibleData,
-            userNonVisibleData: userNonVisibleData));
+            userNonVisibleData: userNonVisibleData,
+            returnUrl: returnUrl));
     }
 
     /// <summary></summary>

src/ActiveLogin.Authentication.BankId.Core/Flow/BankIdFlowService.cs

@@ -68,7 +68,7 @@ IBankIdEndUserDeviceDataResolverFactory bankIdEndUserDeviceDataResolverFactory
     public async Task<BankIdFlowInitializeResult> InitializeAuth(BankIdFlowOptions flowOptions, string returnRedirectUrl)
     {
         var detectedUserDevice = _bankIdSupportedDeviceDetector.Detect();
-        var response = await GetAuthResponse(flowOptions, detectedUserDevice);
+        var response = await AuthAsync(flowOptions, detectedUserDevice, returnRedirectUrl);
 
         await _bankIdEventTrigger.TriggerAsync(new BankIdInitializeSuccessEvent(personalIdentityNumber: null, response.OrderRef, detectedUserDevice, flowOptions));
 
@@ -90,11 +90,11 @@ public async Task<BankIdFlowInitializeResult> InitializeAuth(BankIdFlowOptions f
         }
     }
 
-    private async Task<AuthResponse> GetAuthResponse(BankIdFlowOptions flowOptions, BankIdSupportedDevice detectedUserDevice)
+    private async Task<AuthResponse> AuthAsync(BankIdFlowOptions flowOptions, BankIdSupportedDevice detectedUserDevice, string returnRedirectUrl)
     {
         try
         {
-            var request = await GetAuthRequest(flowOptions);
+            var request = await GetAuthRequest(flowOptions, returnRedirectUrl);
             return await _bankIdAppApiClient.AuthAsync(request);
         }
         catch (BankIdApiException bankIdApiException)
@@ -104,14 +104,16 @@ private async Task<AuthResponse> GetAuthResponse(BankIdFlowOptions flowOptions,
         }
     }
 
-    private async Task<AuthRequest> GetAuthRequest(BankIdFlowOptions flowOptions)
+    private async Task<AuthRequest> GetAuthRequest(BankIdFlowOptions flowOptions, string returnRedirectUrl)
     {
         var endUserIp = _bankIdEndUserIpResolver.GetEndUserIp();
         var resolvedRequirements = await _bankIdAuthRequestRequirementsResolver.GetRequirementsAsync();
         var requiredPersonalIdentityNumber = resolvedRequirements.RequiredPersonalIdentityNumber ?? flowOptions.RequiredPersonalIdentityNumber;
         var requireMrtd = resolvedRequirements.RequireMrtd ?? flowOptions.RequireMrtd;
         var requirePinCode = resolvedRequirements.RequirePinCode ?? flowOptions.RequirePinCode;
-        var certificatePolicies = resolvedRequirements.CertificatePolicies.Any() ? resolvedRequirements.CertificatePolicies : flowOptions.CertificatePolicies;
+        var certificatePolicies = resolvedRequirements.CertificatePolicies.Any()
+            ? resolvedRequirements.CertificatePolicies
+            : flowOptions.CertificatePolicies;
         var resolvedCertificatePolicies = GetResolvedCertificatePolicies(certificatePolicies, flowOptions.SameDevice);
 
         var cardReader = resolvedRequirements.CardReader ?? flowOptions.CardReader;
@@ -129,7 +131,7 @@ private async Task<AuthRequest> GetAuthRequest(BankIdFlowOptions flowOptions)
             userData.UserVisibleData,
             userData.UserNonVisibleData,
             userData.UserVisibleDataFormat,
-            returnUrl: null,
+            returnUrl: returnRedirectUrl,
             returnRisk: returnRisk,
             web: webDeviceData,
             app: appDeviceData
@@ -139,7 +141,7 @@ private async Task<AuthRequest> GetAuthRequest(BankIdFlowOptions flowOptions)
     public async Task<BankIdFlowInitializeResult> InitializeSign(BankIdFlowOptions flowOptions, BankIdSignData bankIdSignData, string returnRedirectUrl)
     {
         var detectedUserDevice = _bankIdSupportedDeviceDetector.Detect();
-        var response = await GetSignResponse(flowOptions, bankIdSignData, detectedUserDevice);
+        var response = await SignAsync(flowOptions, bankIdSignData, detectedUserDevice, returnRedirectUrl);
 
         await _bankIdEventTrigger.TriggerAsync(new BankIdInitializeSuccessEvent(personalIdentityNumber: null, response.OrderRef, detectedUserDevice, flowOptions));
 
@@ -161,11 +163,11 @@ public async Task<BankIdFlowInitializeResult> InitializeSign(BankIdFlowOptions f
         }
     }
 
-    private async Task<SignResponse> GetSignResponse(BankIdFlowOptions flowOptions, BankIdSignData bankIdSignData, BankIdSupportedDevice detectedUserDevice)
+    private async Task<SignResponse> SignAsync(BankIdFlowOptions flowOptions, BankIdSignData bankIdSignData, BankIdSupportedDevice detectedUserDevice, string returnRedirectUrl)
     {
         try
         {
-            var request = GetSignRequest(flowOptions, bankIdSignData);
+            var request = GetSignRequest(flowOptions, bankIdSignData, returnRedirectUrl);
             return await _bankIdAppApiClient.SignAsync(request);
         }
         catch (BankIdApiException bankIdApiException)
@@ -175,11 +177,13 @@ private async Task<SignResponse> GetSignResponse(BankIdFlowOptions flowOptions,
         }
     }
 
-    private SignRequest GetSignRequest(BankIdFlowOptions flowOptions, BankIdSignData bankIdSignData)
+    private SignRequest GetSignRequest(BankIdFlowOptions flowOptions, BankIdSignData bankIdSignData, string returnRedirectUrl)
     {
         var endUserIp = _bankIdEndUserIpResolver.GetEndUserIp();
 
-        var certificatePolicies = bankIdSignData.CertificatePolicies.Any() ? bankIdSignData.CertificatePolicies: flowOptions.CertificatePolicies;
+        var certificatePolicies = bankIdSignData.CertificatePolicies.Any()
+            ? bankIdSignData.CertificatePolicies
+            : flowOptions.CertificatePolicies;
         var resolvedCertificatePolicies = GetResolvedCertificatePolicies(certificatePolicies, flowOptions.SameDevice);
 
         var requiredPersonalIdentityNumber = bankIdSignData.RequiredPersonalIdentityNumber ?? flowOptions.RequiredPersonalIdentityNumber;
@@ -198,7 +202,7 @@ private SignRequest GetSignRequest(BankIdFlowOptions flowOptions, BankIdSignData
             userNonVisibleData: bankIdSignData.UserNonVisibleData,
             userVisibleDataFormat: bankIdSignData.UserVisibleDataFormat,
             requirement: requestRequirement,
-            returnUrl: null,
+            returnUrl: returnRedirectUrl,
             returnRisk: returnRisk,
             web: webDeviceData,
             app: appDeviceData