From 30d62f94e0cff2d64370c047b2c534e3bb81d1cf Mon Sep 17 00:00:00 2001
From: AJ ONeal <aj@daplie.com>
Date: Thu, 19 Jan 2017 01:08:07 +0000
Subject: [PATCH] add refreshToken, cleanup scopestringify

---
 oauth3.core.js | 69 ++++++++++++++++++++++++++++++++++++++++++++------
 1 file changed, 61 insertions(+), 8 deletions(-)

diff --git a/oauth3.core.js b/oauth3.core.js
index e44cc94..783bc66 100644
--- a/oauth3.core.js
+++ b/oauth3.core.js
@@ -144,10 +144,7 @@
     params.state = state;
     params.response_type = responseType;
     if (scope) {
-      if (Array.isArray(scope)) {
-        scope = scope.join(' ');
-      }
-      params.scope = scope;
+      params.scope = core.stringifyscope(scope);
     }
     if (clientId) {
       // In OAuth3 client_id is optional for implicit grant
@@ -277,10 +274,66 @@
     }
 
     if (scope) {
-      if (Array.isArray(scope)) {
-        scope = scope.join(' ');
-      }
-      params.scope = scope;
+      params.scope = core.stringifyscope(scope);
+    }
+
+    if ('GET' === args.method.toUpperCase()) {
+      uri += '?' + core.querystringify(params);
+    } else {
+      body = params;
+    }
+
+    return {
+      url: uri
+    , method: args.method
+    , data: body
+    };
+  };
+
+  core.refreshToken = function (directive, opts) {
+    // grant_type=refresh_token
+
+    // Example Refresh Token Request
+    // (generally for 1st or 3rd party server-side, mobile, and desktop apps)
+    //
+    // POST https://example.com/api/oauth3/access_token
+    //    { "grant_type": "refresh_token", "client_id": "<<id>>", "scope": "<<scope>>"
+    //    , "username": "<<username>>", "password": "password" }
+    //
+    opts = opts || {};
+    var type = 'access_token';
+    var grantType = 'refresh_token';
+
+    var scope = opts.scope || directive.authn_scope;
+    var clientId = opts.appId || opts.clientId;
+    var clientSecret = opts.appSecret || opts.clientSecret;
+    var args = directive[type];
+    var params = {
+      "grant_type": grantType
+    , "refresh_token": opts.refreshToken
+    , "response_type": 'token'
+    //, "client_id": undefined
+    //, "client_uri": undefined
+    //, "scope": undefined
+    //, "client_secret": undefined
+    };
+    var uri = args.url;
+    var body;
+
+    if (opts.clientUri) {
+      params.client_uri = opts.clientUri;
+    }
+
+    if (clientId) {
+      params.client_id = clientId;
+    }
+
+    if (clientSecret) {
+      params.client_secret = clientSecret;
+    }
+
+    if (scope) {
+      params.scope = core.stringifyscope(scope);
     }
 
     if ('GET' === args.method.toUpperCase()) {