From 4f127b74e90c25ecd0d1ec79e373daf7abeba279 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andr=C3=A9=20Santos?=
Date: Fri, 17 Feb 2023 13:10:06 +0000
Subject: [PATCH] refactor: Refactor exchange_token method
Add missing arguments:
- subject_token_type
- subject_issuer
- requested_issuer
Remove client_id argument. The client_id should come from self. Add None defaults
---
 src/keycloak/keycloak_openid.py | 20 +++++++++++++++-----
 1 file changed, 15 insertions(+), 5 deletions(-)
diff --git a/src/keycloak/keycloak_openid.py b/src/keycloak/keycloak_openid.py
index 56e0315..eec53cb 100644
--- a/src/keycloak/keycloak_openid.py
+++ b/src/keycloak/keycloak_openid.py
@@ -28,6 +28,7 @@ class to handle authentication and token manipulation.
 """
 import json
+from typing import Optional
 from jose import jwt
@@ -341,9 +342,11 @@ class KeycloakOpenID:
 def exchange_token(
 self,
 token: str,
- client_id: str,
 audience: str,
- subject: str,
+ subject: Optional[str] = None,
+ subject_token_type: Optional[str] = None,
+ subject_issuer: Optional[str] = None,
+ requested_issuer: Optional[str] = None,
 requested_token_type: str = "urn:ietf:params:oauth:token-type:refresh_token",
 scope: str = "openid",
 ) -> dict:
@@ -354,12 +357,16 @@ class KeycloakOpenID:
 :param token: Access token
 :type token: str
- :param client_id: Client id
- :type client_id: str
 :param audience: Audience
 :type audience: str
 :param subject: Subject
 :type subject: str
+ :param subject_token_type: Token Type specification
+ :type subject_token_type: Optional[str]
+ :param subject_issuer: Issuer
+ :type subject_issuer: Optional[str]
+ :param requested_issuer: Issuer
+ :type requested_issuer: Optional[str]
 :param requested_token_type: Token type specification
 :type requested_token_type: str
 :param scope: Scope, defaults to openid 
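Review bot: Removing `client_id` from the second positional slot of the `exchange_token` signature silently re-binds existing positional calls. A caller still passing `(token, client_id, audience, subject)` now sends its client id as `audience`, its audience as `subject` (posted as `requested_subject` in the payload hunk) and its subject as `subject_token_type`, and no TypeError is raised. Since these values decide whose token is requested and for which audience, the optional parameters are safer as keyword-only: put a bare `*,` between `audience: str,` and `subject: Optional[str] = None,`. The removal should also be described as a breaking change rather than a refactor. The body of exchange_token lies outside this hunk.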
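Review bot: The docstring hunk leaves `:type subject: str` unchanged although the signature now declares `subject: Optional[str] = None`, and it describes both `subject_issuer` and `requested_issuer` only as "Issuer", so a reader cannot tell them apart. I would change the type line to `:type subject: Optional[str]` and state what `subject` is sent as, for example `:param subject: User to request a token for, sent as requested_subject`. For the issuers, something like `:param subject_issuer: Issuer of the subject token` and `:param requested_issuer: Issuer the new token is requested from` would help; these two wordings are inferred from the parameter names and should be checked against the Keycloak token-exchange documentation. The docstring starts and ends outside this hunk.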
@@ -370,11 +377,14 @@ class KeycloakOpenID:
 params_path = {"realm-name": self.realm_name}
 payload = {
 "grant_type": ["urn:ietf:params:oauth:grant-type:token-exchange"],
- "client_id": client_id,
+ "client_id": self.client_id,
 "subject_token": token,
+ "subject_token_type": subject_token_type,
+ "subject_issuer": subject_issuer,
 "requested_token_type": requested_token_type,
 "audience": audience,
 "requested_subject": subject,
+ "requested_issuer": requested_issuer,
 "scope": scope,
 }
 payload = self._add_secret_key(payload)
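Review bot: The four optional arguments are placed into `payload` even when they are `None`, so what the server receives for an omitted `requested_subject` or `requested_issuer` depends on how the connection layer encodes the form body, which is not visible in this hunk. If any encoder stringifies the value, the request would carry the literal text `None` as the subject or issuer. Dropping unset keys before the secret is added keeps the request explicit: `payload = {k: v for k, v in payload.items() if v is not None}`. exchange_token's body starts before and continues after this hunk.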