feat: add rp.RefreshAccessToken (#198)

* chore: make tokenEndpointCaller public * add RelyingParty function * undo changes made by gofumpt * undo more gofumpt changes * undo more gofumpt changes
2022-08-05 01:57:50 -07:00 · 2022-08-05 01:57:50 -07:00 · 94871afbcb
commit 94871afbcb
parent 0b4d62c745
3 changed files with 25 additions and 5 deletions
--- a/pkg/client/client.go
+++ b/pkg/client/client.go
@ -48,16 +48,16 @@ func Discover(issuer string, httpClient *http.Client, wellKnownUrl ...string) (*
 	return discoveryConfig, nil
 }

-type tokenEndpointCaller interface {
+type TokenEndpointCaller interface {
 	TokenEndpoint() string
 	HttpClient() *http.Client
 }

-func CallTokenEndpoint(request interface{}, caller tokenEndpointCaller) (newToken *oauth2.Token, err error) {
+func CallTokenEndpoint(request interface{}, caller TokenEndpointCaller) (newToken *oauth2.Token, err error) {
 	return callTokenEndpoint(request, nil, caller)
 }

-func callTokenEndpoint(request interface{}, authFn interface{}, caller tokenEndpointCaller) (newToken *oauth2.Token, err error) {
+func callTokenEndpoint(request interface{}, authFn interface{}, caller TokenEndpointCaller) (newToken *oauth2.Token, err error) {
 	req, err := httphelper.FormRequest(caller.TokenEndpoint(), request, Encoder, authFn)
 	if err != nil {
 		return nil, err
--- a/pkg/client/jwt_profile.go
+++ b/pkg/client/jwt_profile.go
@ -9,8 +9,8 @@ import (
 	"github.com/zitadel/oidc/pkg/oidc"
 )

-//JWTProfileExchange handles the oauth2 jwt profile exchange
-func JWTProfileExchange(jwtProfileGrantRequest *oidc.JWTProfileGrantRequest, caller tokenEndpointCaller) (*oauth2.Token, error) {
+// JWTProfileExchange handles the oauth2 jwt profile exchange
+func JWTProfileExchange(jwtProfileGrantRequest *oidc.JWTProfileGrantRequest, caller TokenEndpointCaller) (*oauth2.Token, error) {
 	return CallTokenEndpoint(jwtProfileGrantRequest, caller)
 }

--- a/pkg/client/rp/relying_party.go
+++ b/pkg/client/rp/relying_party.go
@ -536,3 +536,23 @@ func WithClientAssertionJWT(clientAssertion string) CodeExchangeOpt {
 		return client.ClientAssertionCodeOptions(clientAssertion)
 	}
 }
+
+type tokenEndpointCaller struct {
+	RelyingParty
+}
+
+func (t tokenEndpointCaller) TokenEndpoint() string {
+	return t.OAuthConfig().Endpoint.TokenURL
+}
+
+func RefreshAccessToken(rp RelyingParty, refreshToken, clientAssertion, clientAssertionType string) (*oauth2.Token, error) {
+	request := oidc.RefreshTokenRequest{
+		RefreshToken:        refreshToken,
+		Scopes:              rp.OAuthConfig().Scopes,
+		ClientID:            rp.OAuthConfig().ClientID,
+		ClientSecret:        rp.OAuthConfig().ClientSecret,
+		ClientAssertion:     clientAssertion,
+		ClientAssertionType: clientAssertionType,
+	}
+	return client.CallTokenEndpoint(request, tokenEndpointCaller{RelyingParty: rp})
+}