From 7b5d2fd79f9fecfe7293961bef3e40134dfe177f Mon Sep 17 00:00:00 2001 From: Jim Broadus Date: Tue, 23 Feb 2021 12:43:16 -0800 Subject: [PATCH] onedrive: Fix authentication Discontinue use of obsolete auth endpoints. Update the name of the settings group as well since the existing skydrive settings are no longer useful. Reference: https://docs.microsoft.com/en-us/onedrive/developer/rest-api/concepts/migrating-from-live-sdk --- src/internet/core/oauthenticator.cpp | 8 +++++--- src/internet/core/oauthenticator.h | 2 +- src/internet/skydrive/skydriveservice.cpp | 16 +++++++++------- 3 files changed, 15 insertions(+), 11 deletions(-) diff --git a/src/internet/core/oauthenticator.cpp b/src/internet/core/oauthenticator.cpp index 0cd34f71c..43941f152 100644 --- a/src/internet/core/oauthenticator.cpp +++ b/src/internet/core/oauthenticator.cpp @@ -102,15 +102,17 @@ QByteArray OAuthenticator::ParseHttpRequest(const QByteArray& request) const { } void OAuthenticator::RequestAccessToken(const QByteArray& code, - const QUrl& url) { + const QUrl& redirect_url) { typedef QPair Param; QList parameters; parameters << Param("code", code) << Param("client_id", client_id_) - << Param("client_secret", client_secret_) << Param("grant_type", "authorization_code") // Even though we don't use this URI anymore, it must match the // original one. - << Param("redirect_uri", url.toString()); + << Param("redirect_uri", redirect_url.toString()); + if (!client_secret_.isEmpty()) { + parameters << Param("client_secret", client_secret_); + } QStringList params; for (const Param& p : parameters) { diff --git a/src/internet/core/oauthenticator.h b/src/internet/core/oauthenticator.h index 64cf6c404..a0063425a 100644 --- a/src/internet/core/oauthenticator.h +++ b/src/internet/core/oauthenticator.h @@ -74,7 +74,7 @@ class OAuthenticator : public QObject { static const char* kRemoteURL; QByteArray ParseHttpRequest(const QByteArray& request) const; - void RequestAccessToken(const QByteArray& code, const QUrl& url); + void RequestAccessToken(const QByteArray& code, const QUrl& redirect_url); void SetExpiryTime(int expires_in_seconds); NetworkAccessManager network_; diff --git a/src/internet/skydrive/skydriveservice.cpp b/src/internet/skydrive/skydriveservice.cpp index 4b218e3a8..44aebbd74 100644 --- a/src/internet/skydrive/skydriveservice.cpp +++ b/src/internet/skydrive/skydriveservice.cpp @@ -36,14 +36,16 @@ namespace { static const char* kServiceId = "skydrive"; -static const char* kClientId = "0000000040111F16"; -static const char* kClientSecret = "w2ClguSX0jG56cBl1CeUniypTBRjXt2Z"; +static const char* kClientId = "905def38-34d2-4e32-8ba7-c37bcc329047"; +static const char* kClientSecret = ""; +// https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow static const char* kOAuthEndpoint = - "https://login.live.com/oauth20_authorize.srf"; + "https://login.microsoftonline.com/common/oauth2/v2.0/authorize"; static const char* kOAuthTokenEndpoint = - "https://login.live.com/oauth20_token.srf"; -static const char* kOAuthScope = "wl.basic wl.skydrive wl.offline_access"; + "https://login.microsoftonline.com/common/oauth2/v2.0/token"; +static const char* kOAuthScope = + "User.Read Files.Read Files.Read.All offline_access"; static const char* kLiveUserInfo = "https://apis.live.net/v5.0/me"; static const char* kSkydriveBase = "https://apis.live.net/v5.0/"; @@ -51,7 +53,7 @@ static const char* kSkydriveBase = "https://apis.live.net/v5.0/"; } // namespace const char* SkydriveService::kServiceName = "OneDrive"; -const char* SkydriveService::kSettingsGroup = "Skydrive"; +const char* SkydriveService::kSettingsGroup = "OneDrive"; SkydriveService::SkydriveService(Application* app, InternetModel* parent) : CloudFileService(app, parent, kServiceName, kServiceId, @@ -73,7 +75,7 @@ QString SkydriveService::refresh_token() const { void SkydriveService::Connect() { OAuthenticator* oauth = new OAuthenticator( - kClientId, kClientSecret, OAuthenticator::RedirectStyle::REMOTE, this); + kClientId, kClientSecret, OAuthenticator::RedirectStyle::LOCALHOST, this); if (!refresh_token().isEmpty()) { oauth->RefreshAuthorisation(kOAuthTokenEndpoint, refresh_token()); } else {