OAuth: fix review comment from #7509

2025-10-26 11:17:43 +00:00 · 2019-11-18 13:26:05 +01:00 · 2019-11-18 13:26:05 +01:00 · d3e02b9bbb
commit d3e02b9bbb
parent 112e78ba94
3 changed files with 11 additions and 6 deletions
--- a/src/gui/creds/oauth.cpp
+++ b/src/gui/creds/oauth.cpp
@ -100,9 +100,12 @@ void OAuth::start()
                req.setAttribute(HttpCredentials::DontAddCredentialsAttribute, true);

                auto requestBody = new QBuffer;
-                QUrlQuery arguments(QString(
-                    "grant_type=authorization_code&code=%1&redirect_uri=http://localhost:%2&code_verifier=%3&scope=openid offline_access")
-                                        .arg(code, QString::number(_server.serverPort()), _pkceCodeVerifier));
+                QUrlQuery arguments {
+                    { "grant_type", "authorization_code" },
+                    { "code" , code },
+                    { "redirect_uri", QString("http://localhost:%1").arg(_server.serverPort()) },
+                    { "code_verifier", _pkceCodeVerifier },
+                    { "scope", "openid offline_access" }};
                requestBody->setData(arguments.query(QUrl::FullyEncoded).toLatin1());
                auto job = _account->sendRequest("POST", requestToken, req, requestBody);
                job->setTimeout(qMin(30 * 1000ll, job->timeoutMsec()));
@ -121,7 +124,7 @@ void OAuth::start()
                        QString errorReason;
                        QString errorFromJson = json["error_description"].toString();
                        if (errorFromJson.isEmpty())
-                            QString errorFromJson = json["error"].toString();
+                            errorFromJson = json["error"].toString();
                        if (!errorFromJson.isEmpty()) {
                            errorReason = tr("Error returned from the server: <em>%1</em>")
                                              .arg(errorFromJson.toHtmlEscaped());
@ -260,6 +263,7 @@ void OAuth::openBrowser()
 {
    authorisationLinkAsync([this](const QUrl &link) {
        if (!QDesktopServices::openUrl(link)) {
+            qCWarning(lcOauth) << "QDesktopServices::openUrl Failed";
            // We cannot open the browser, then we claim we don't support OAuth.
            emit result(NotSupported, QString());
        }
--- a/src/gui/creds/oauth.h
+++ b/src/gui/creds/oauth.h
@ -29,7 +29,8 @@ namespace OCC {
 *       |
 *       +----> fetchWellKnown() query the ".well-known/openid-configuration" endpoint
 *       |
- *       +----> openBrowser() open the browser to the login page after fetchWellKnown finished.
+ *       +----> openBrowser() open the browser after fetchWellKnown finished to the specified page
+ *       |                    (or the default 'oauth2/authorize' if fetchWellKnown does not exist)
 *       |                    Then the browser will redirect to http://localhost:xxx
 *       |
 *       +----> _server starts listening on a TCP port waiting for an HTTP request with a 'code'
--- a/src/libsync/creds/httpcredentials.cpp
+++ b/src/libsync/creds/httpcredentials.cpp
@ -438,7 +438,7 @@ bool HttpCredentials::refreshAccessToken()
        req.setAttribute(HttpCredentials::DontAddCredentialsAttribute, true);

        auto requestBody = new QBuffer;
-        QUrlQuery arguments(QString("grant_type=refresh_token&refresh_token=%1").arg(_refreshToken));
+        QUrlQuery arguments{{"grant_type" , "refresh_token"}, { "refresh_token", _refreshToken}};
        requestBody->setData(arguments.query(QUrl::FullyEncoded).toLatin1());

        auto job = _account->sendRequest("POST", requestTokenUrl, req, requestBody);