From: Christian Kamm <mail@ckamm.de>
Date: Mon, 11 Sep 2017 10:23:52 +0000 (+0200)
Subject: OAuth: Pass client auth in header instead of url
X-Git-Tag: archive/raspbian/3.16.7-1_deb13u1+rpi1~1^2~701^2~102
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=a79b0a37916f5f467a05739a1494eb189a49f14d;p=nextcloud-desktop.git

OAuth: Pass client auth in header instead of url

To play more nicely with redirects.
---

diff --git a/src/gui/creds/oauth.cpp b/src/gui/creds/oauth.cpp
index 9926700f7..4f0b72a9f 100644
--- a/src/gui/creds/oauth.cpp
+++ b/src/gui/creds/oauth.cpp
@@ -79,10 +79,11 @@ void OAuth::start()
                     + QLatin1String("/index.php/apps/oauth2/api/v1/token?grant_type=authorization_code&code=")
                     + code
                     + QLatin1String("&redirect_uri=http://localhost:") + QString::number(_server.serverPort()));
-                requestToken.setUserName(Theme::instance()->oauthClientId());
-                requestToken.setPassword(Theme::instance()->oauthClientSecret());
                 QNetworkRequest req;
                 req.setHeader(QNetworkRequest::ContentTypeHeader, "application/x-www-form-urlencoded");
+                QString basicAuth = QString("%1:%2").arg(
+                    Theme::instance()->oauthClientId(), Theme::instance()->oauthClientSecret());
+                req.setRawHeader("Authorization", "Basic " + basicAuth.toUtf8().toBase64());
                 auto job = _account->sendRequest("POST", requestToken, req);
                 QObject::connect(job, &SimpleNetworkJob::finishedSignal, this, [this, socket](QNetworkReply *reply) {
                     auto jsonData = reply->readAll();