Extra parameter in token request (authorization code grant) IdentityM…

…odel#745
chrisgbaker · Aug 7, 2019 · bcf6b36 · bcf6b36
1 parent 0369ba6
commit bcf6b36
Show file tree

Hide file tree

Showing 5 changed files with 20 additions and 7 deletions.
diff --git a/src/OidcClient.js b/src/OidcClient.js
@@ -44,7 +44,7 @@ export class OidcClient {
         // have round tripped, but people were getting confused, so i added state (since that matches the spec)
         // and so now if data is not passed, but state is then state will be used
         data, state, prompt, display, max_age, ui_locales, id_token_hint, login_hint, acr_values,
-        resource, request, request_uri, response_mode, extraQueryParams, request_type } = {},
+        resource, request, request_uri, response_mode, extraQueryParams, extraTokenParams, request_type } = {},
         stateStore
     ) {
         Log.debug("OidcClient.createSigninRequest");
@@ -82,7 +82,7 @@ export class OidcClient {
                 data: data || state,
                 authority,
                 prompt, display, max_age, ui_locales, id_token_hint, login_hint, acr_values,
-                resource, request, request_uri, extraQueryParams, request_type, response_mode,
+                resource, request, request_uri, extraQueryParams, extraTokenParams, request_type, response_mode,
                 client_secret: this._settings.client_secret
             });
 

diff --git a/src/ResponseValidator.js b/src/ResponseValidator.js
@@ -250,8 +250,12 @@ export class ResponseValidator {
             client_secret: state.client_secret,
             code : response.code,
             redirect_uri: state.redirect_uri,
-            code_verifier: state.code_verifier,
+            code_verifier: state.code_verifier
         };
+
+        if (state.extraTokenParams && typeof(state.extraTokenParams) === 'object') {
+            Object.assign(request, state.extraTokenParams);
+        }
 
         return this._tokenClient.exchangeCode(request).then(tokenResponse => {
 

diff --git a/src/SigninRequest.js b/src/SigninRequest.js
@@ -11,7 +11,7 @@ export class SigninRequest {
         url, client_id, redirect_uri, response_type, scope, authority,
         // optional
         data, prompt, display, max_age, ui_locales, id_token_hint, login_hint, acr_values, resource, response_mode,
-        request, request_uri, extraQueryParams, request_type, client_secret
+        request, request_uri, extraQueryParams, request_type, client_secret, extraTokenParams
     }) {
         if (!url) {
             Log.error("SigninRequest.ctor: No url passed");
@@ -49,7 +49,7 @@ export class SigninRequest {
             data, client_id, authority, redirect_uri, 
             code_verifier: code, 
             request_type, response_mode,
-            client_secret, scope });
+            client_secret, scope, extraTokenParams });
 
         url = UrlUtility.addQueryParam(url, "client_id", client_id);
         url = UrlUtility.addQueryParam(url, "redirect_uri", redirect_uri);

diff --git a/src/SigninState.js b/src/SigninState.js
@@ -7,7 +7,7 @@ import { JoseUtil } from './JoseUtil.js';
 import random from './random.js';
 
 export class SigninState extends State {
-    constructor({nonce, authority, client_id, redirect_uri, code_verifier, response_mode, client_secret, scope} = {}) {
+    constructor({nonce, authority, client_id, redirect_uri, code_verifier, response_mode, client_secret, scope, extraTokenParams} = {}) {
         super(arguments[0]);
 
         if (nonce === true) {
@@ -36,6 +36,7 @@ export class SigninState extends State {
         this._response_mode = response_mode;
         this._client_secret = client_secret;
         this._scope = scope;
+        this._extraTokenParams = extraTokenParams;
     }
 
     get nonce() {
@@ -65,6 +66,9 @@ export class SigninState extends State {
     get scope() {
         return this._scope;
     }
+    get extraTokenParams() {
+        return this._extraTokenParams;
+    }
 
     toStorageString() {
         Log.debug("SigninState.toStorageString");
@@ -80,7 +84,8 @@ export class SigninState extends State {
             client_id: this.client_id,
             response_mode: this.response_mode,
             client_secret: this.client_secret,
-            scope: this.scope
+            scope: this.scope,
+            extraTokenParams : this.extraTokenParams
         });
     }
 

diff --git a/src/TokenClient.js b/src/TokenClient.js
@@ -18,6 +18,8 @@ export class TokenClient {
     }
 
     exchangeCode(args = {}) {
+        args = Object.assign({}, args);
+
         args.grant_type = args.grant_type || "authorization_code";
         args.client_id = args.client_id || this._settings.client_id;
         args.redirect_uri = args.redirect_uri || this._settings.redirect_uri;
@@ -50,6 +52,8 @@ export class TokenClient {
     }
 
     exchangeRefreshToken(args = {}) {
+        args = Object.assign({}, args);
+
         args.grant_type = args.grant_type || "refresh_token";
         args.client_id = args.client_id || this._settings.client_id;
         args.client_secret = args.client_secret || this._settings.client_secret;