force refresh session, new API

CHANGELOG.md

@@ -1,8 +1,9 @@
 ## Angular Lib for OpenID Connect/OAuth2 Changelog
 
-### 2020-05-13 Version 11.1.0
+### 2020-05-14 Version 11.1.0
 
 -   Eager loading of well known endpoints can be configured: Made it possible to load the well known endpoints late (per configuration)
+-   make it possible to force a session refresh
 
 ### 2020-05-12 Version 11.0.2
 

docs/public-api.md

@@ -135,3 +135,14 @@ This makes it possible to manage your own tokens.
 ## getEndSessionUrl(): string | null
 
 Creates the ens session URL which can be used to implement youe own custom server logout.
+
+## forceRefreshSession(): Observable
+
+Makes it possible to refresh the tokens at any time you require.
+
+```
+refreshSession() {
+        this.oidcSecurityService.forceRefreshSession()
+          .subscribe((result) => console.log(result));
+    }
+```

projects/angular-auth-oidc-client/src/lib/callback/callback.service.ts

@@ -54,6 +54,30 @@ export class CallbackService {
         return callback$.pipe(tap(() => this.stsCallbackInternal$.next()));
     }
 
+    refreshSession() {
+        const idToken = this.authStateService.getIdToken();
+        const isSilentRenewRunning = this.flowsDataService.isSilentRenewRunning();
+        const userDataFromStore = this.userService.getUserDataFromStore();
+
+        this.loggerService.logDebug(
+            `Checking: silentRenewRunning: ${isSilentRenewRunning} id_token: ${!!idToken} userData: ${!!userDataFromStore}`
+        );
+
+        const shouldBeExecuted = userDataFromStore && !isSilentRenewRunning && idToken;
+
+        if (!shouldBeExecuted) {
+            return of(null);
+        }
+
+        this.flowsDataService.setSilentRenewRunning();
+
+        if (this.flowHelper.isCurrentFlowCodeFlowWithRefeshTokens()) {
+            // Refresh Session using Refresh tokens
+            return this.refreshSessionWithRefreshTokens();
+        }
+
+        return this.refreshSessionWithIframe();
+    }
     startTokenValidationPeriodically(repeatAfterSeconds: number) {
         if (!!this.runTokenValidationRunning || !this.configurationProvider.openIDConfiguration.silentRenew) {
             return;

projects/angular-auth-oidc-client/src/lib/oidc.security.service.ts

@@ -123,6 +123,10 @@ export class OidcSecurityService {
         this.loginService.login(authOptions);
     }
 
+    forceRefreshSession() {
+        return this.callbackService.refreshSession();
+    }
+
     // The refresh token and and the access token are revoked on the server. If the refresh token does not exist
     // only the access token is revoked. Then the logout run.
     logoffAndRevokeTokens(urlHandler?: (url: string) => any) {