From 4fa504f2f939808e6665bbfb223240fdecba82a5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jan=20Dagef=C3=B6rde?= Date: Wed, 12 Jul 2017 16:51:16 +0200 Subject: [PATCH] bad patch -- use basic auth together with payload-based auth... maybe a bad idea --- lib/classes/oauth2/client.php | 4 ++++ lib/oauthlib.php | 4 ++++ 2 files changed, 8 insertions(+) diff --git a/lib/classes/oauth2/client.php b/lib/classes/oauth2/client.php index 528e511a0e..5d3add64c1 100644 --- a/lib/classes/oauth2/client.php +++ b/lib/classes/oauth2/client.php @@ -182,12 +182,16 @@ class client extends \oauth2_client { 'grant_type' => 'refresh_token' ); + $headersbefore = $this->header; + $this->header[] = "Authorization: Basic " . base64_encode("{$this->issuer->get('clientid')}:{$this->issuer->get('clientsecret')}"); + // Requests can either use http GET or POST. if ($this->use_http_get()) { $response = $this->get($this->token_url(), $params); } else { $response = $this->post($this->token_url(), $this->build_post_data($params)); } + $this->header = $headersbefore; if ($this->info['http_code'] !== 200) { throw new moodle_exception('Could not upgrade oauth token'); diff --git a/lib/oauthlib.php b/lib/oauthlib.php index 87fd236d0b..60630bbd47 100644 --- a/lib/oauthlib.php +++ b/lib/oauthlib.php @@ -544,12 +544,16 @@ abstract class oauth2_client extends curl { 'redirect_uri' => $callbackurl->out(false), ); + $headersbefore = $this->header; + $this->header[] = "Authorization: Basic " . base64_encode("{$this->clientid}:{$this->clientsecret}"); + // Requests can either use http GET or POST. if ($this->use_http_get()) { $response = $this->get($this->token_url(), $params); } else { $response = $this->post($this->token_url(), $this->build_post_data($params)); } + $this->header = $headersbefore; if ($this->info['http_code'] !== 200) { throw new moodle_exception('Could not upgrade oauth token'); -- 2.14.1