feat: Support additional request parameters for 3LO

google-oauth-client/src/main/java/com/google/api/client/auth/oauth2/AuthorizationCodeFlow.java

@@ -112,6 +112,9 @@ public class AuthorizationCodeFlow {
   /** Refresh listeners provided by the client. */
   private final Collection<CredentialRefreshListener> refreshListeners;
 
+  /** Additional parameters to pass to authorization url. */
+  private final Map<String, String> additionalParameters;
+
   /**
    * @param method method of presenting the access token to the resource server (for example {@link
    *     BearerToken#authorizationHeaderAccessMethod})
@@ -131,7 +134,8 @@ public AuthorizationCodeFlow(
       GenericUrl tokenServerUrl,
       HttpExecuteInterceptor clientAuthentication,
       String clientId,
-      String authorizationServerEncodedUrl) {
+      String authorizationServerEncodedUrl)
+    {
     this(
         new Builder(
             method,
@@ -140,7 +144,31 @@ public AuthorizationCodeFlow(
             tokenServerUrl,
             clientAuthentication,
             clientId,
-            authorizationServerEncodedUrl));
+            authorizationServerEncodedUrl)
+    );
+  }
+
+  public AuthorizationCodeFlow(
+      AccessMethod method,
+      HttpTransport transport,
+      JsonFactory jsonFactory,
+      GenericUrl tokenServerUrl,
+      HttpExecuteInterceptor clientAuthentication,
+      String clientId,
+      String authorizationServerEncodedUrl,
+      Map<String, String> additionalParameters)
+    {
+    this(
+        new Builder(
+            method,
+            transport,
+            jsonFactory,
+            tokenServerUrl,
+            clientAuthentication,
+            clientId,
+            authorizationServerEncodedUrl,
+            additionalParameters)
+    );
   }
 
   /**
@@ -156,6 +184,7 @@ protected AuthorizationCodeFlow(Builder builder) {
     clientId = Preconditions.checkNotNull(builder.clientId);
     authorizationServerEncodedUrl =
         Preconditions.checkNotNull(builder.authorizationServerEncodedUrl);
+    additionalParameters = Preconditions.checkNotNull(builder.additionalParameters);    
     requestInitializer = builder.requestInitializer;
     credentialStore = builder.credentialStore;
     credentialDataStore = builder.credentialDataStore;
@@ -192,6 +221,11 @@ public AuthorizationCodeRequestUrl newAuthorizationUrl() {
       url.setCodeChallenge(pkce.getChallenge());
       url.setCodeChallengeMethod(pkce.getChallengeMethod());
     }
+    if (additionalParameters != null) {
+      for (Map.Entry<String, String> entry : additionalParameters.entrySet()) {
+        url.put(entry.getKey(), entry.getValue());
+      }
+    }
     return url;
   }
 
@@ -549,6 +583,9 @@ public static class Builder {
     /** Refresh listeners provided by the client. */
     Collection<CredentialRefreshListener> refreshListeners = Lists.newArrayList();
 
+    /** Additional authorization url parameters provided by the client **/
+    Map<String, String> additionalParameters;
+
     /**
      * @param method method of presenting the access token to the resource server (for example
      *     {@link BearerToken#authorizationHeaderAccessMethod})
@@ -560,21 +597,42 @@ public static class Builder {
      * @param clientId client identifier
      * @param authorizationServerEncodedUrl authorization server encoded URL
      */
-    public Builder(
+
+     public Builder(
+      AccessMethod method,
+      HttpTransport transport,
+      JsonFactory jsonFactory,
+      GenericUrl tokenServerUrl,
+      HttpExecuteInterceptor clientAuthentication,
+      String clientId,
+      String authorizationServerEncodedUrl) {
+    setMethod(method);
+    setTransport(transport);
+    setJsonFactory(jsonFactory);
+    setTokenServerUrl(tokenServerUrl);
+    setClientAuthentication(clientAuthentication);
+    setClientId(clientId);
+    setAuthorizationServerEncodedUrl(authorizationServerEncodedUrl);
+    setAdditionalParameters(Collections.<String, String>emptyMap());
+  }
+
+     public Builder(
         AccessMethod method,
         HttpTransport transport,
         JsonFactory jsonFactory,
         GenericUrl tokenServerUrl,
         HttpExecuteInterceptor clientAuthentication,
         String clientId,
-        String authorizationServerEncodedUrl) {
+        String authorizationServerEncodedUrl,
+        Map<String, String> additionalParameters) {
       setMethod(method);
       setTransport(transport);
       setJsonFactory(jsonFactory);
       setTokenServerUrl(tokenServerUrl);
       setClientAuthentication(clientAuthentication);
       setClientId(clientId);
       setAuthorizationServerEncodedUrl(authorizationServerEncodedUrl);
+      setAdditionalParameters(additionalParameters);
     }
 
     /** Returns a new instance of an authorization code flow based on this builder. */
@@ -717,6 +775,20 @@ public Builder setAuthorizationServerEncodedUrl(String authorizationServerEncode
       return this;
     }
 
+    /**
+     * Sets the additional url parameters.
+     *
+     * <p>Overriding is only supported for the purpose of calling the super implementation and
+     * changing the return type, but nothing else.
+     *
+     * @since 1.11
+     */
+    public Builder setAdditionalParameters(Map<String, String> additionalParameters) {
+      this.additionalParameters =
+          Preconditions.checkNotNull(additionalParameters);
+      return this;
+    }
+
     /**
      * {@link Beta} <br>
      * Returns the credential persistence store or {@code null} for none.

google-oauth-client/src/test/java/com/google/api/client/auth/oauth2/AuthorizationCodeFlowTest.java

@@ -23,6 +23,8 @@
 import java.util.Collection;
 import java.util.Collections;
 import java.util.HashSet;
+import java.util.HashMap;
+import java.util.Map;
 import java.util.Set;
 
 /**
@@ -154,4 +156,24 @@ public void testPKCE() {
     assertTrue(methods.contains(url.getCodeChallengeMethod().toLowerCase()));
     assertTrue(url.getCodeChallenge().length() > 0);
   }
+
+  public void testAdditionalParameters() {
+    Map<String, String> testMap = new HashMap<>();
+    testMap.put("key", "value");
+    AuthorizationCodeFlow flow =
+      new AuthorizationCodeFlow.Builder(
+        BearerToken.queryParameterAccessMethod(),
+        new AccessTokenTransport(),
+        new GsonFactory(),
+        TOKEN_SERVER_URL,
+        new BasicAuthentication(CLIENT_ID, CLIENT_SECRET),
+        CLIENT_ID,
+      "https://example.com")
+      .setAdditionalParameters(testMap)
+      .build();
+
+      AuthorizationCodeRequestUrl url = flow.newAuthorizationUrl();
+      String urlString = url.build();
+      assertTrue(urlString.contains("key=value"));
+  }
 }

google-oauth-client/src/test/java/com/google/api/client/auth/oauth2/AuthorizationCodeRequestUrlTest.java

@@ -15,6 +15,8 @@
 package com.google.api.client.auth.oauth2;
 
 import java.util.Arrays;
+import java.util.HashMap;
+import java.util.Map;
 import junit.framework.TestCase;
 
 /**
@@ -41,4 +43,25 @@ public void testBuild() {
             .setScopes(Arrays.asList("a", "b", "c"));
     assertEquals(EXPECTED, url.build());
   }
+
+  /*
+  public void testAdditionalParams() {
+
+    Map<String, String> testMap = new HashMap<>();
+    String expectedUrl =
+    "https://server.example.com/authorize?client_id=s6BhdRkqt3&"
+    + "redirect_uri=https://client.example.com/rd&response_type=code"
+    + "&scope=a%20b%20c&state=xyz&param1=value1";
+
+    testMap.put("param1", "value1");
+    AuthorizationRequestUrl url =
+        new AuthorizationCodeRequestUrl("https://server.example.com/authorize", "s6BhdRkqt3")
+            .setState("xyz")
+            .setRedirectUri("https://client.example.com/rd")
+            .setScopes(Arrays.asList("a", "b", "c"));
+
+    assertEquals(expectedUrl, url.build());
+  }
+  */
+
 }