oidc.RefreshTokenRequest cannot be used to in a request to refresh tokens

because it does not explicitly include grant_types.
2022-09-27 14:31:58 -07:00 · 2022-09-27 14:31:58 -07:00 · a7a22ee76c
commit a7a22ee76c
parent 0e7949b1a0
1 changed files with 23 additions and 0 deletions
--- a/pkg/client/rp/relying_party.go
+++ b/pkg/client/rp/relying_party.go
@ -556,3 +556,26 @@ func RefreshAccessToken(rp RelyingParty, refreshToken, clientAssertion, clientAs
 	}
 	return client.CallTokenEndpoint(request, tokenEndpointCaller{RelyingParty: rp})
 }
+
+type RefreshTokenRequest struct {
+	RefreshToken        string                   `schema:"refresh_token"`
+	Scopes              oidc.SpaceDelimitedArray `schema:"scope"`
+	ClientID            string                   `schema:"client_id"`
+	ClientSecret        string                   `schema:"client_secret"`
+	ClientAssertion     string                   `schema:"client_assertion"`
+	ClientAssertionType string                   `schema:"client_assertion_type"`
+	GrantType           oidc.GrantType           `schema:"grant_type"`
+}
+
+func RefreshAccessToken(rp RelyingParty, refreshToken, clientAssertion, clientAssertionType string) (*oauth2.Token, error) {
+	request := RefreshTokenRequest{
+		RefreshToken:        refreshToken,
+		Scopes:              rp.OAuthConfig().Scopes,
+		ClientID:            rp.OAuthConfig().ClientID,
+		ClientSecret:        rp.OAuthConfig().ClientSecret,
+		ClientAssertion:     clientAssertion,
+		ClientAssertionType: clientAssertionType,
+		GrantType:           oidc.GrantTypeRefreshToken,
+	}
+	return client.CallTokenEndpoint(request, tokenEndpointCaller{RelyingParty: rp})
+}