Fix bug where redirect_uri not being included with token request.

gtritchie · Jul 28, 2016 · d319f5d · d319f5d
1 parent 11ddc50
commit d319f5d
Show file tree

Hide file tree

Showing 5 changed files with 14 additions and 4 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,6 +1,10 @@
 Changelog
 =========
 
+### 1.0.7 (2016-07-27)
+
+- Fix [Token request does not include redirect_uri as per oauth2 spec](https://github.com/gtritchie/WOPIAuth/issues/8)
+
 ### 1.0.6 (2016-06-18)
 
 - Fix [The Refresh button doesn't show the progress control or the Stop Request button](https://github.com/gtritchie/WOPIAuth/issues/1)

diff --git a/WOPIAuth/ConnectionDetailsViewController.swift b/WOPIAuth/ConnectionDetailsViewController.swift
@@ -109,7 +109,8 @@ class ConnectionDetailsViewController: NSViewController, ConnectionViewing, Prov
 		let tokenFetcher = TokenFetcher(tokenURL: tokenUrl, clientId: selectedProvider!.clientId,
 		                                clientSecret: selectedProvider!.clientSecret,
 		                                authCode: selectedConnection!.refreshToken,
-		                                sessionContext: selectedConnection!.sessionContext)
+		                                sessionContext: selectedConnection!.sessionContext,
+		                                redirectUri: selectedProvider!.redirectUrl)
 		startRequest(sender, tokenFetcher)
 		tokenFetcher.fetchTokensUsingCompletionHandler(forRefresh: true) { (result) in
 			switch result {

diff --git a/WOPIAuth/Info.plist b/WOPIAuth/Info.plist
@@ -21,7 +21,7 @@
 	<key>CFBundleSignature</key>
 	<string>????</string>
 	<key>CFBundleVersion</key>
-	<string>6</string>
+	<string>7</string>
 	<key>LSApplicationCategoryType</key>
 	<string></string>
 	<key>LSMinimumSystemVersion</key>

diff --git a/WOPIAuth/TokenFetcher.swift b/WOPIAuth/TokenFetcher.swift
@@ -30,6 +30,7 @@ class TokenFetcher: Fetcher {
 	private var clientSecret: String
 	private var authCode: String
 	private var sessionContext: String
+	private var redirectUri: String
 
 	/// Used to return results from async call
 	enum FetchTokenResult {
@@ -49,11 +50,12 @@ class TokenFetcher: Fetcher {
 
 	// MARK: Life Cycle
 
-	init(tokenURL: NSURL, clientId: String, clientSecret: String, authCode: String, sessionContext: String) {
+	init(tokenURL: NSURL, clientId: String, clientSecret: String, authCode: String, sessionContext: String, redirectUri: String) {
 		self.clientId = clientId
 		self.clientSecret = clientSecret
 		self.authCode = authCode
 		self.sessionContext = sessionContext
+		self.redirectUri = redirectUri
 		super.init(url: tokenURL, errorDomain: "Token Exchange")
 	}
 
@@ -86,6 +88,7 @@ class TokenFetcher: Fetcher {
 			loggingPostParams["grant_type"] = "refresh_token"
 		} else {
 			loggingPostParams["grant_type"] = "authorization_code"
+			loggingPostParams["redirect_uri"] = redirectUri
 		}
 		let loggingPostString = formEncodedQueryStringFor(loggingPostParams)
 
@@ -102,6 +105,7 @@ class TokenFetcher: Fetcher {
 			postParams["grant_type"] = "refresh_token"
 		} else {
 			postParams["grant_type"] = "authorization_code"
+			postParams["redirect_uri"] = redirectUri
 		}
 		let postString = formEncodedQueryStringFor(postParams)
 

diff --git a/WOPIAuth/WOPIFlowViewController.swift b/WOPIAuth/WOPIFlowViewController.swift
@@ -226,7 +226,8 @@ class WOPIFlowViewController: NSViewController, ConnectionCreating {
 
 		let tokenFetcher = TokenFetcher(tokenURL: tokenUrl, clientId: provider!.clientId,
 		                                clientSecret: provider!.clientSecret, authCode: authCode!,
-		                                sessionContext: connection!.sessionContext)
+		                                sessionContext: connection!.sessionContext,
+		                                redirectUri: provider!.redirectUrl)
 		activeFetcher = tokenFetcher
 		tokenFetcher.fetchTokensUsingCompletionHandler(forRefresh: false) { (result) in
 			switch result {