diff --git a/oauth3.core.js b/oauth3.core.js
index 4153afd..13eca66 100644
--- a/oauth3.core.js
+++ b/oauth3.core.js
@@ -667,7 +667,10 @@
           if (data.error) {
             return OAUTH3.PromiseA.reject(OAUTH3.error.parse(providerUri, data));
           }
-          return OAUTH3.hooks.session.refresh(opts, data);
+          return OAUTH3.hooks.session.refresh(
+            opts.session || { provider_uri: providerUri, client_uri: opts.client_uri || opts.clientUri }
+          , data
+          );
         });
       });
     }
diff --git a/oauth3.issuer.js b/oauth3.issuer.js
index 1fa05f0..a0aed1c 100644
--- a/oauth3.issuer.js
+++ b/oauth3.issuer.js
@@ -131,18 +131,18 @@ OAUTH3.urls.resourceOwnerPassword = function (directive, opts) {
   var args = directive[type];
   var otpCode = opts.otp || opts.otpCode || opts.otp_code || opts.otpToken || opts.otp_token || undefined;
   var params = {
-    "client_id": opts.client_id || opts.client_uri
-  , "client_uri": opts.client_uri
-  , "grant_type": grantType
-  , "username": opts.username
-  , "password": opts.password || otpCode || undefined
-  , "totp": opts.totp || opts.totpToken || opts.totp_token || undefined
-  , "otp": otpCode
-  , "password_type": otpCode && 'otp'
-  , "otp_code": otpCode
-  , "otp_uuid": opts.otpUuid || opts.otp_uuid || undefined
-  , "user_agent": opts.userAgent || opts.useragent || opts.user_agent || undefined // AJ's Macbook
-  , "jwk": (opts.rememberDevice || opts.remember_device) && opts.jwk || undefined
+    client_id: opts.client_id || opts.client_uri
+  , client_uri: opts.client_uri
+  , grant_type: grantType
+  , username: opts.username
+  , password: opts.password || otpCode || undefined
+  , totp: opts.totp || opts.totpToken || opts.totp_token || undefined
+  , otp: otpCode
+  , password_type: otpCode && 'otp'
+  , otp_code: otpCode
+  , otp_uuid: opts.otpUuid || opts.otp_uuid || undefined
+  , user_agent: opts.userAgent || opts.useragent || opts.user_agent || undefined // AJ's Macbook
+  , jwk: (opts.rememberDevice || opts.remember_device) && opts.jwk || undefined
   //, "public_key": opts.rememberDevice && opts.publicKey || undefined
   //, "public_key_type":  opts.rememberDevice && opts.publicKeyType || undefined // RSA/ECDSA
   //, "jwt": opts.jwt // TODO sign a proof with a previously loaded public_key