[SDK-3081] Fix: Update session properties after a token is refreshed (#593)

Author: Evan Sims

src/Auth0.php

@@ -418,10 +418,23 @@ public function renew(
 
         $this->setAccessToken($response['access_token']);
 
+        if (isset($response['expires_in']) && is_numeric($response['expires_in'])) {
+            $expiresIn = time() + (int) $response['expires_in'];
+            $this->setAccessTokenExpiration($expiresIn);
+        }
+
         if (isset($response['id_token'])) {
             $this->setIdToken($response['id_token']);
         }
 
+        if (isset($response['refresh_token'])) {
+            $this->setRefreshToken($response['refresh_token']);
+        }
+
+        if (isset($response['scope'])) {
+            $this->setAccessTokenScope(explode(' ', $response['scope']));
+        }
+
         $this->deferStateSaving(false);
 
         return $this;

tests/Unit/Auth0Test.php

@@ -654,7 +654,7 @@ public function defer(
 
     $httpClient->mockResponses([
         \Auth0\Tests\Utilities\HttpResponseGenerator::create('{"access_token":"1.2.3","refresh_token":"2.3.4","id_token":"' . $token . '"}'),
-        \Auth0\Tests\Utilities\HttpResponseGenerator::create('{"access_token":"__test_access_token__","id_token":"' . $token . '"}'),
+        \Auth0\Tests\Utilities\HttpResponseGenerator::create('{"access_token":"__test_access_token__","id_token":"' . $token . '","expires_in":"123","refresh_token":"5.6.7","scope":"test1 test2 test3"}'),
     ]);
 
     $_GET['code'] = uniqid();
@@ -672,6 +672,9 @@ public function defer(
 
     expect($auth0->getAccessToken())->toEqual('__test_access_token__');
     expect($auth0->getIdToken())->toEqual($token);
+    expect($auth0->getAccessTokenExpiration())->toBeGreaterThanOrEqual(time() + 123);
+    expect($auth0->getRefreshToken())->toEqual('5.6.7');
+    expect($auth0->getAccessTokenScope())->toEqual(['test1', 'test2', 'test3']);
 
     expect($requestBody['scope'])->toEqual('openid');
     expect($requestBody['client_secret'])->toEqual('__test_client_secret__');