From a7a22ee76c625c7161cf952c931620878ae0fa89 Mon Sep 17 00:00:00 2001
From: David Sharnoff
Date: Tue, 27 Sep 2022 14:31:58 -0700
Subject: [PATCH] oidc.RefreshTokenRequest cannot be used to in a request to refresh tokens because it does not explicitly include grant_types.
---
 pkg/client/rp/relying_party.go | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)
diff --git a/pkg/client/rp/relying_party.go b/pkg/client/rp/relying_party.go
index 3094f23..d648b69 100644
--- a/pkg/client/rp/relying_party.go
+++ b/pkg/client/rp/relying_party.go
@@ -556,3 +556,26 @@ func RefreshAccessToken(rp RelyingParty, refreshToken, clientAssertion, clientAs
 }
 return client.CallTokenEndpoint(request, tokenEndpointCaller{RelyingParty: rp})
 }
+
+type RefreshTokenRequest struct {
+ RefreshToken string `schema:"refresh_token"`
+ Scopes oidc.SpaceDelimitedArray `schema:"scope"`
+ ClientID string `schema:"client_id"`
+ ClientSecret string `schema:"client_secret"`
+ ClientAssertion string `schema:"client_assertion"`
+ ClientAssertionType string `schema:"client_assertion_type"`
+ GrantType oidc.GrantType `schema:"grant_type"`
+}
+
+func RefreshAccessToken(rp RelyingParty, refreshToken, clientAssertion, clientAssertionType string) (*oauth2.Token, error) {
+ request := RefreshTokenRequest{
+ RefreshToken: refreshToken,
+ Scopes: rp.OAuthConfig().Scopes,
+ ClientID: rp.OAuthConfig().ClientID,
+ ClientSecret: rp.OAuthConfig().ClientSecret,
+ ClientAssertion: clientAssertion,
+ ClientAssertionType: clientAssertionType,
+ GrantType: oidc.GrantTypeRefreshToken,
+ }
+ return client.CallTokenEndpoint(request, tokenEndpointCaller{RelyingParty: rp})
+}
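Review bot: The added `func RefreshAccessToken` has the same name and parameter list as the function the hunk header shows ending in the three context lines, and the diffstat records 23 insertions with no deletions, so package rp would declare it twice and fail to compile. The existing function's body starts outside the hunk, but the fix is presumably to change its literal in place to `request := RefreshTokenRequest{` with `GrantType: oidc.GrantTypeRefreshToken,` rather than append a second function. Separately, the new body always sends `ClientSecret` alongside `ClientAssertion`, while RFC 6749 section 2.3 says a client must not use more than one authentication method per request, so consider leaving `ClientSecret` empty when `clientAssertion != ""` (whether the encoder then omits the empty field is not visible here). The exported struct also needs a doc comment, for example `// RefreshTokenRequest is the form body of a refresh_token grant; it carries the client secret and must not be logged.`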