diff options
| author | Samuel Gaist <samuel.gaist@idiap.ch> | 2024-01-06 15:49:51 +0100 |
|---|---|---|
| committer | Samuel Gaist <samuel.gaist@idiap.ch> | 2024-04-23 15:52:28 +0100 |
| commit | 2a4c89779abfdc4ef12d0b4177233c7a2103620b (patch) | |
| tree | ecd17b7ae0f2b4c0818d310a920f6d403dd559b3 /src/oauth/qoauth2authorizationcodeflow.cpp | |
| parent | 17a604a789bdfd519f460004e2198c8524ab2d3a (diff) | |
Ensure the code is not encoded a second time if already percent encoded
Google recently changed the way they send their code and it is now
already percent encoded. This patch checks for the percent presence in
the code and does not change it again if it's there.
The alternative is to use:
google = new QOAuth2AuthorizationCodeFlow;
// Setup authentication parameters
google->setModifyParametersFunction(
[](QAbstractOAuth::Stage stage,
QMultiMap<QString, QVariant>* parameters) {
if (stage == QAbstractOAuth::Stage::RequestingAccessToken) {
QByteArray code = parameters->take("code").toByteArray();
parameters->insert("code", QUrl::fromPercentEncoding(code));
}
});
[ChangeLog][OAuth2] OAuth2 providers might be sending the authentication
code already percent encoded. This is the case of Google. This now a
supported use case and the code is not systematically encoded anymore.
Fixes: QTBUG-81624
Change-Id: I43d66223a2aedf01fe0996de6798acc6d881c16b
Reviewed-by: Juha Vuolle <juha.vuolle@qt.io>
Diffstat (limited to 'src/oauth/qoauth2authorizationcodeflow.cpp')
| -rw-r--r-- | src/oauth/qoauth2authorizationcodeflow.cpp | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/src/oauth/qoauth2authorizationcodeflow.cpp b/src/oauth/qoauth2authorizationcodeflow.cpp index 5738473..76d54a2 100644 --- a/src/oauth/qoauth2authorizationcodeflow.cpp +++ b/src/oauth/qoauth2authorizationcodeflow.cpp @@ -415,7 +415,12 @@ void QOAuth2AuthorizationCodeFlow::requestAccessToken(const QString &code) #endif QUrlQuery query; parameters.insert(Key::grantType, QStringLiteral("authorization_code")); - parameters.insert(Key::code, QUrl::toPercentEncoding(code)); + + if (code.contains(QLatin1Char('%'))) + parameters.insert(Key::code, code); + else + parameters.insert(Key::code, QUrl::toPercentEncoding(code)); + parameters.insert(Key::redirectUri, QUrl::toPercentEncoding(callback())); parameters.insert(Key::clientIdentifier, QUrl::toPercentEncoding(d->clientIdentifier)); if (!d->clientIdentifierSharedKey.isEmpty()) |