authts · pamapa · Nov 24, 2023 · Nov 21, 2023 · Nov 22, 2023
diff --git a/docs/oidc-client-ts.api.md b/docs/oidc-client-ts.api.md
@@ -333,7 +333,7 @@ export class OidcClient {
     // (undocumented)
     protected readonly _tokenClient: TokenClient;
     // (undocumented)
-    useRefreshToken({ state, timeoutInSeconds, }: UseRefreshTokenArgs): Promise<SigninResponse>;
+    useRefreshToken({ state, timeoutInSeconds, extraTokenParams, }: UseRefreshTokenArgs): Promise<SigninResponse>;
     // Warning: (ae-forgotten-export) The symbol "ResponseValidator" needs to be exported by the entry point index.d.ts
     //
     // (undocumented)
@@ -926,6 +926,8 @@ export class User {
 
 // @public (undocumented)
 export interface UseRefreshTokenArgs {
+    // (undocumented)
+    extraTokenParams?: Record<string, unknown>;
     // (undocumented)
     state: RefreshState;
     // (undocumented)
@@ -1003,7 +1005,7 @@ export class UserManager {
     // (undocumented)
     storeUser(user: User | null): Promise<void>;
     // (undocumented)
-    protected _useRefreshToken(state: RefreshState): Promise<User>;
+    protected _useRefreshToken(args: UseRefreshTokenArgs): Promise<User>;
     // (undocumented)
     protected get _userStoreKey(): string;
 }

diff --git a/src/OidcClient.ts b/src/OidcClient.ts
@@ -35,6 +35,7 @@ export interface CreateSigninRequestArgs
 export interface UseRefreshTokenArgs {
     state: RefreshState;
     timeoutInSeconds?: number;
+    extraTokenParams?: Record<string, unknown>;
 }
 
 /**
@@ -185,6 +186,7 @@ export class OidcClient {
     public async useRefreshToken({
         state,
         timeoutInSeconds,
+        extraTokenParams,
     }: UseRefreshTokenArgs): Promise<SigninResponse> {
         const logger = this._logger.create("useRefreshToken");
 
@@ -207,6 +209,7 @@ export class OidcClient {
             // provide the (possible filtered) scope list
             scope,
             timeoutInSeconds,
+            ...extraTokenParams,
         });
         const response = new SigninResponse(new URLSearchParams());
         Object.assign(response, result);

diff --git a/src/UserManager.ts b/src/UserManager.ts
@@ -4,7 +4,7 @@
 import { Logger } from "./utils";
 import { ErrorResponse } from "./errors";
 import { type NavigateResponse, type PopupWindowParams, type IWindow, type IFrameWindowParams, type RedirectParams, RedirectNavigator, PopupNavigator, IFrameNavigator, type INavigator } from "./navigators";
-import { OidcClient, type CreateSigninRequestArgs, type CreateSignoutRequestArgs, type ProcessResourceOwnerPasswordCredentialsArgs } from "./OidcClient";
+import { OidcClient, type CreateSigninRequestArgs, type CreateSignoutRequestArgs, type ProcessResourceOwnerPasswordCredentialsArgs, type UseRefreshTokenArgs } from "./OidcClient";
 import { type UserManagerSettings, UserManagerSettingsStore } from "./UserManagerSettings";
 import { User } from "./User";
 import { UserManagerEvents } from "./UserManagerEvents";
@@ -290,7 +290,7 @@ export class UserManager {
         if (user?.refresh_token) {
             logger.debug("using refresh token");
             const state = new RefreshState(user as Required<User>, resource);
-            return await this._useRefreshToken(state);
+            return await this._useRefreshToken({ state, extraTokenParams: requestArgs.extraTokenParams });
         }
 
         const url = this.settings.silent_redirect_uri;
@@ -324,12 +324,12 @@ export class UserManager {
         return user;
     }
 
-    protected async _useRefreshToken(state: RefreshState): Promise<User> {
+    protected async _useRefreshToken(args: UseRefreshTokenArgs): Promise<User> {
         const response = await this._client.useRefreshToken({
-            state,
+            ...args,
             timeoutInSeconds: this.settings.silentRequestTimeoutInSeconds,
         });
-        const user = new User({ ...state, ...response });
+        const user = new User({ ...args.state, ...response });
 
         await this.storeUser(user);
         this._events.load(user);