Skip to content

Commit 02e06a2

Browse files
committed
fix(onedrive): send token-exchange parameters in the request body
The OneDrive OAuth code-for-token POST had no body at all, so Microsoft's token endpoint always rejected it and sign-in never completed. Unlike Google's endpoint (which accepts the params in the query string), Microsoft requires them in the x-www-form-urlencoded body. Add client_id, client_secret, code, redirect_uri and grant_type. Refs Authenticator-Extension#1494, Authenticator-Extension#1369, Authenticator-Extension#1408, Authenticator-Extension#1202, Authenticator-Extension#1424
1 parent d815f3e commit 02e06a2

1 file changed

Lines changed: 13 additions & 0 deletions

File tree

src/background.ts

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -379,6 +379,19 @@ function getBackupToken(service: string) {
379379
Accept: "application/json",
380380
"Content-Type": "application/x-www-form-urlencoded",
381381
},
382+
// Microsoft's token endpoint requires the parameters in the
383+
// request body; without it the exchange always failed and
384+
// OneDrive sign-in never completed.
385+
body:
386+
"client_id=" +
387+
getCredentials().onedrive.client_id +
388+
"&client_secret=" +
389+
getCredentials().onedrive.client_secret +
390+
"&code=" +
391+
value +
392+
"&redirect_uri=" +
393+
redirUrl +
394+
"&grant_type=authorization_code",
382395
}
383396
);
384397

0 commit comments

Comments
 (0)