Skip to content

Commit be75274

Browse files
enriquepabloenriquepablo
committed
fix(dav): data sent to token endpoint must be application/x-www-form-urlencoded
Signed-off-by: Enrique Pérez Arnaud <enrique@cazalla.net>
1 parent 0a2a49c commit be75274

2 files changed

Lines changed: 8 additions & 11 deletions

File tree

apps/dav/lib/Controller/TokenController.php

Lines changed: 1 addition & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -104,14 +104,7 @@ public function accessToken(): DataResponse {
104104
}
105105

106106
$body = file_get_contents('php://input');
107-
$data = json_decode($body, true);
108-
109-
if (!is_array($data)) {
110-
return new DataResponse(
111-
['error' => 'invalid_request'],
112-
Http::STATUS_BAD_REQUEST
113-
);
114-
}
107+
parse_str($body, $data);
115108

116109
$refreshToken = $data['code'] ?? '';
117110
$grantType = $data['grant_type'] ?? '';

lib/private/Files/Storage/DAV.php

Lines changed: 7 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -27,6 +27,7 @@
2727
use OCP\IAppConfig;
2828
use OCP\ICertificateManager;
2929
use OCP\IConfig;
30+
use OCP\IURLGenerator;
3031
use OCP\OCM\Exceptions\OCMArgumentException;
3132
use OCP\OCM\Exceptions\OCMProviderException;
3233
use OCP\OCM\IOCMDiscoveryService;
@@ -114,6 +115,7 @@ class DAV extends Common {
114115
protected ISignatureManager $signatureManager;
115116
protected OCMSignatoryManager $signatoryManager;
116117
protected IAppConfig $appConfig;
118+
protected IURLGenerator $urlGenerator;
117119

118120
/** @var int */
119121
private $timeout;
@@ -182,6 +184,7 @@ public function __construct(array $parameters) {
182184
$this->signatureManager = Server::get(ISignatureManager::class);
183185
$this->signatoryManager = Server::get(OCMSignatoryManager::class);
184186
$this->appConfig = Server::get(IAppConfig::class);
187+
$this->urlGenerator = Server::get(IURLGenerator::class);
185188
}
186189

187190
protected function init(): void {
@@ -204,16 +207,17 @@ protected function init(): void {
204207
}
205208

206209
$client = $this->httpClientService->newClient();
210+
$clientId = parse_url($this->urlGenerator->getAbsoluteURL('/'), PHP_URL_HOST);
207211
$payload = [
208212
'grant_type' => 'authorization_code',
209-
'client_id' => 'receiver.example.org',
213+
'client_id' => $clientId,
210214
'code' => $this->user,
211215
];
212216

213217
$options = [
214-
'body' => json_encode($payload),
218+
'body' => http_build_query($payload),
215219
'headers' => [
216-
'Content-Type' => 'application/json',
220+
'Content-Type' => 'application/x-www-form-urlencoded',
217221
],
218222
'timeout' => 10,
219223
'connect_timeout' => 10,

0 commit comments

Comments
 (0)