~fitzsim/url-http-oauth

1ecb40b5454af9346cf6d2092e45eb96029f41ad — Thomas Fitzsimmons 11 months ago fcb5929
Make some adjustments based on testing

* url-http-oauth.el (url-http-oauth-get-access-token-grant): Omit
authorization header if it is not required.  Include client_id and
redirect_uri in request data.  Downcase token_type value.
(url-http-oauth-get-bearer): Encode scope for auth-source search.
1 files changed, 27 insertions(+), 16 deletions(-)

M url-http-oauth.el
M url-http-oauth.el => url-http-oauth.el +27 -16
@@ 185,15 185,20 @@ Filter out nil spec entries prior to searching."
                            (format "%s:%s" client-identifier client-secret)
                            t))))
         (url-request-extra-headers
          (if authorization
              (list (cons "Content-Type" "application/x-www-form-urlencoded")
                    (cons "Authorization" authorization))
            ;; client-secret-method was nil; no authorization required.
            (list (cons "Content-Type" "application/x-www-form-urlencoded"))))
          (apply #'list
                 (cons "Content-Type" "application/x-www-form-urlencoded")
                 (when authorization (cons "Authorization" authorization))))
         (redirect-uri
          (cdr (assoc "redirect_uri"
                      (cdr (assoc "authorization-extra-arguments"
                                  url-settings)))))
         (url-request-data
          (url-build-query-string
           (list (list "grant_type" "authorization_code")
                 (list "code" code)))))
           (apply #'list (list "code" code)
                  (list "client_id" client-identifier)
                  (list "grant_type" "authorization_code")
                  (when redirect-uri
                    (list (list "redirect_uri" redirect-uri)))))))
    (with-current-buffer (url-retrieve-synchronously access-token-object)
      (if (eq 'OK (car (alist-get url-http-response-status url-http-codes)))
          (progn


@@ 201,7 206,7 @@ Filter out nil spec entries prior to searching."
            (re-search-forward "\n\n")
            (let* ((grant (url-http-oauth-json-parse-buffer))
                   (type (gethash "token_type" grant)))
              (unless (equal type "bearer" )
              (unless (equal (dowcase type) "bearer")
                (error "Unrecognized token type %s for %s at %s" type
                       client-identifier (url-http-oauth-url-string url)))
              ;; Success, so save client secret, if necessary.


@@ 247,7 252,7 @@ URL is a parsed object."
         (url-settings (url-http-oauth-settings url))
         (path-and-query (url-path-and-query url))
         (path (car path-and-query))
         (scope (cdr (assoc "scope" url-settings)))
         (scope (url-http-oauth-encode-scope (cdr (assoc "scope" url-settings))))
         (bearer-current (url-http-oauth-auth-info-password
                          (car
                           (let ((auth-source-do-cache nil))


@@ 284,13 289,19 @@ URL is a parsed object."
                             :host (url-host url)
                             :port (url-http-oauth-port url)
                             :path path
                             :scope (if (string= (gethash "scope" grant)
                                                 scope)
                                        (url-http-oauth-encode-scope scope)
                                      (error
                                       (concat "url-http-oauth:"
                                               " Returned scope did not"
                                               " match requested scope")))
                             :scope
                             (let ((returned-scope
                                    (gethash "scope" grant)))
                               (if (string=
                                    (url-http-oauth-encode-scope
                                     returned-scope)
                                    scope)
                                   scope
                                 (error
                                  (concat "url-http-oauth:"
                                          " Returned scope %S did not"
                                          " match requested scope"
                                          returned-scope))))
                             :expiry (url-http-oauth-expiry-string grant)
                             :secret bearer-retrieved))
               (save-function (plist-get (car auth-result) :save-function)))