http_url_escape_param(enc, input->token);
}
- if (http_url_parse(str_c(enc), NULL, 0, pool, &url, &error) < 0) {
+ if (http_url_parse(str_c(enc), NULL, HTTP_URL_ALLOW_USERINFO_PART, pool,
+ &url, &error) < 0) {
fail.error = t_strdup_printf("http_url_parse(%s) failed: %s",
str_c(enc), error);
oauth2_introspection_callback(req, &fail);
req);
}
- if (set->introspection_mode == INTROSPECTION_MODE_GET_AUTH)
+ if (url->user != NULL)
+ http_client_request_set_auth_simple(req->req, url->user, url->password);
+ else if (set->introspection_mode == INTROSPECTION_MODE_GET_AUTH)
http_client_request_add_header(req->req,
"Authorization",
t_strdup_printf("Bearer %s",
input->token));
-
oauth2_request_set_headers(req, input);
http_client_request_set_timeout_msecs(req->req,
req->re_callback = callback;
req->re_context = context;
- const char *_url = req->set->refresh_url;
- if (http_url_parse(_url, NULL, 0, pool, &url, &error) < 0) {
+ if (http_url_parse(req->set->refresh_url, NULL, HTTP_URL_ALLOW_USERINFO_PART,
+ pool, &url, &error) < 0) {
fail.error = t_strdup_printf("http_url_parse(%s) failed: %s",
- _url, error);
+ req->set->refresh_url, error);
oauth2_refresh_callback(req, &fail);
return req;
}
struct istream *is = i_stream_create_from_string(payload);
+ if (url->user != NULL)
+ http_client_request_set_auth_simple(req->req, url->user, url->password);
+
http_client_request_add_header(req->req, "Content-Type",
"application/x-www-form-urlencoded");
str_append(enc, req->set->tokeninfo_url);
http_url_escape_param(enc, input->token);
- if (http_url_parse(str_c(enc), NULL, 0, pool, &url, &error) < 0) {
+ if (http_url_parse(str_c(enc), NULL, HTTP_URL_ALLOW_USERINFO_PART, pool,
+ &url, &error) < 0) {
fail.error = t_strdup_printf("http_url_parse(%s) failed: %s",
str_c(enc), error);
oauth2_token_validation_callback(req, &fail);
req->req = http_client_request_url(req->set->client, "GET", url,
oauth2_token_validate_response,
req);
- http_client_request_add_header(req->req,
- "Authorization",
- t_strdup_printf("Bearer %s",
- input->token));
+
+ if (url->user != NULL)
+ http_client_request_set_auth_simple(req->req, url->user, url->password);
+ else
+ http_client_request_add_header(req->req,
+ "Authorization",
+ t_strdup_printf("Bearer %s",
+ input->token));
oauth2_request_set_headers(req, input);