From: Olivier Goffart <ogoffart@woboq.com>
Date: Mon, 18 Jun 2018 10:43:21 +0000 (+0200)
Subject: Wizard + OAuth: Make opening a new browser after clicking back works again
X-Git-Tag: archive/raspbian/3.16.7-1_deb13u1+rpi1~1^2~12^2~21^2~468^2~572
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=0155a4fa73b30973002263cfc22854b15cbcb9f4;p=nextcloud-desktop.git

Wizard + OAuth: Make opening a new browser after clicking back works again

Issue #6574

When there is an error in the advanced page, OwncloudAdvancedSetupPage::updateStatus
(and others) call completeChanged(), which is connected to
QWizardPrivate::_q_updateButtonStates which will re-enable the back button from the
last page.

When the user click "back" and re-open the browser, the account's credentials
already have a oauth token set. So the call to the API to get a new token fails
because we use the previous token instead of using the client's secret_id.
Fix this with the HttpCredentials::DontAddCredentialsAttribute.

Now, this is still not working because the session cookies are confusing the
server.  So we'll clear the cookies when re-opening the browser
---

diff --git a/src/gui/creds/oauth.cpp b/src/gui/creds/oauth.cpp
index fa040955f..353384aa7 100644
--- a/src/gui/creds/oauth.cpp
+++ b/src/gui/creds/oauth.cpp
@@ -22,6 +22,7 @@
 #include <QJsonDocument>
 #include "theme.h"
 #include "networkjobs.h"
+#include "creds/httpcredentials.h"
 
 namespace OCC {
 
@@ -83,6 +84,8 @@ void OAuth::start()
                 QString basicAuth = QString("%1:%2").arg(
                     Theme::instance()->oauthClientId(), Theme::instance()->oauthClientSecret());
                 req.setRawHeader("Authorization", "Basic " + basicAuth.toUtf8().toBase64());
+                // We just added the Authorization header, don't let HttpCredentialsAccessManager tamper with it
+                req.setAttribute(HttpCredentials::DontAddCredentialsAttribute, true);
 
                 auto requestBody = new QBuffer;
                 QUrlQuery arguments(QString(
diff --git a/src/gui/wizard/owncloudoauthcredspage.cpp b/src/gui/wizard/owncloudoauthcredspage.cpp
index 9ed5da0d3..79f36ba36 100644
--- a/src/gui/wizard/owncloudoauthcredspage.cpp
+++ b/src/gui/wizard/owncloudoauthcredspage.cpp
@@ -125,6 +125,8 @@ void OwncloudOAuthCredsPage::slotOpenBrowser()
     if (_ui.errorLabel)
         _ui.errorLabel->hide();
 
+    qobject_cast<OwncloudWizard *>(wizard())->account()->clearCookieJar(); // #6574
+
     if (_asyncAuth)
         _asyncAuth->openBrowser();
 }