refactor: Refactor exchange_token method

Add missing arguments: - subject_token_type - subject_issuer - requested_issuer Remove client_id argument. The client_id should come from self. Add None defaults
2 years ago · 4f127b74e9
1 changed files with 15 additions and 5 deletions
--- a/src/keycloak/keycloak_openid.py
+++ b/src/keycloak/keycloak_openid.py
@ -28,6 +28,7 @@ class to handle authentication and token manipulation.
 """

 import json
+from typing import Optional

 from jose import jwt

@ -341,9 +342,11 @@ class KeycloakOpenID:
    def exchange_token(
        self,
        token: str,
-        client_id: str,
        audience: str,
-        subject: str,
+        subject: Optional[str] = None,
+        subject_token_type: Optional[str] = None,
+        subject_issuer: Optional[str] = None,
+        requested_issuer: Optional[str] = None,
        requested_token_type: str = "urn:ietf:params:oauth:token-type:refresh_token",
        scope: str = "openid",
    ) -> dict:
@ -354,12 +357,16 @@ class KeycloakOpenID:

        :param token: Access token
        :type token: str
-        :param client_id: Client id
-        :type client_id: str
        :param audience: Audience
        :type audience: str
        :param subject: Subject
        :type subject: str
+        :param subject_token_type: Token Type specification
+        :type subject_token_type: Optional[str]
+        :param subject_issuer: Issuer
+        :type subject_issuer: Optional[str]
+        :param requested_issuer: Issuer
+        :type requested_issuer: Optional[str]
        :param requested_token_type: Token type specification
        :type requested_token_type: str
        :param scope: Scope, defaults to openid
@ -370,11 +377,14 @@ class KeycloakOpenID:
        params_path = {"realm-name": self.realm_name}
        payload = {
            "grant_type": ["urn:ietf:params:oauth:grant-type:token-exchange"],
-            "client_id": client_id,
+            "client_id": self.client_id,
            "subject_token": token,
+            "subject_token_type": subject_token_type,
+            "subject_issuer": subject_issuer,
            "requested_token_type": requested_token_type,
            "audience": audience,
            "requested_subject": subject,
+            "requested_issuer": requested_issuer,
            "scope": scope,
        }
        payload = self._add_secret_key(payload)