Merge pull request #416 from devysf/github_gitlab_save_token_failure

Fixed the contract of requests made to github/gitlab access token end…
jhipster · Sep 20, 2023 · f152326 · f152326
2 parents 9be1842 + 7035e2e
commit f152326
Showing 1 changed file with 32 additions and 18 deletions.
diff --git a/src/main/java/io/github/jhipster/online/web/rest/GitResource.java b/src/main/java/io/github/jhipster/online/web/rest/GitResource.java
@@ -36,6 +36,8 @@
 import java.net.http.HttpRequest;
 import java.net.http.HttpResponse;
 import java.util.Collection;
+import java.util.HashMap;
+import java.util.Map;
 import java.util.Optional;
 import java.util.concurrent.CompletableFuture;
 import java.util.concurrent.TimeUnit;
@@ -114,45 +116,44 @@ public RedirectView callback(@PathVariable String gitProvider, String code) {
         try {
             String url;
             GitProvider gitProviderEnum;
-            GitAccessTokenRequest request = new GitAccessTokenRequest();
+            Map<String, String> params = new HashMap<>();
             switch (gitProvider.toLowerCase()) {
                 case GITHUB:
                     url = applicationProperties.getGithub().getHost() + "/login/oauth/access_token";
                     gitProviderEnum = GitProvider.GITHUB;
-                    request.setClientId(applicationProperties.getGithub().getClientId());
-                    request.setClientSecret(applicationProperties.getGithub().getClientSecret());
-                    request.setCode(code);
+                    params.put("client_id", applicationProperties.getGithub().getClientId());
+                    params.put("client_secret", applicationProperties.getGithub().getClientSecret());
+                    params.put("code", code);
                     break;
                 case GITLAB:
                     url = applicationProperties.getGitlab().getHost() + "/oauth/token";
                     gitProviderEnum = GitProvider.GITLAB;
-                    request.setClientId(applicationProperties.getGitlab().getClientId());
-                    request.setClientSecret(applicationProperties.getGitlab().getClientSecret());
-                    request.setGrantType("authorization_code");
-                    request.setRedirectUri(applicationProperties.getGitlab().getRedirectUri());
-                    request.setCode(code);
+                    params.put("client_id", applicationProperties.getGitlab().getClientId());
+                    params.put("client_secret", applicationProperties.getGitlab().getClientSecret());
+                    params.put("code", code);
+                    params.put("grant_type", "authorization_code");
+                    params.put("redirect_uri", applicationProperties.getGitlab().getRedirectUri());
                     break;
                 default:
                     return new ResponseEntity<>(UNKNOWN_GIT_PROVIDER + gitProvider, HttpStatus.INTERNAL_SERVER_ERROR);
             }
 
             ObjectMapper objectMapper = new ObjectMapper();
-            String requestBody = objectMapper.writeValueAsString(request);
             HttpClient client = HttpClient.newHttpClient();
             HttpRequest httpRequest = HttpRequest
                 .newBuilder()
                 .uri(URI.create(url))
-                .header("Content-Type", MediaType.APPLICATION_JSON_VALUE)
+                .header("Content-Type", MediaType.APPLICATION_FORM_URLENCODED_VALUE)
                 .header("Accept", MediaType.APPLICATION_JSON_VALUE)
                 .header("User-Agent", "Mozilla/5.0 (X11; Linux x86_64; rv:72.0) Gecko/20100101 Firefox/72.0")
-                .POST(HttpRequest.BodyPublishers.ofString(requestBody))
+                .POST(HttpRequest.BodyPublishers.ofString(buildQueryString(params)))
                 .build();
 
             CompletableFuture<HttpResponse<String>> response = client.sendAsync(httpRequest, HttpResponse.BodyHandlers.ofString());
 
             String jsonResponse = response.thenApply(HttpResponse::body).get(5, TimeUnit.SECONDS);
             GitAccessTokenResponse accessTokenResponse = objectMapper.readValue(jsonResponse, GitAccessTokenResponse.class);
-            this.userService.saveToken(accessTokenResponse.getAccessToken(), gitProviderEnum);
+            this.userService.saveToken(accessTokenResponse.getAccess_token(), gitProviderEnum);
         } catch (InterruptedException e) {
             log.warn("Interrupted!", e);
             // Restore interrupted state...
@@ -164,6 +165,19 @@ public RedirectView callback(@PathVariable String gitProvider, String code) {
         return new ResponseEntity<>(HttpStatus.CREATED);
     }
 
+    private static String buildQueryString(Map<String, String> params) {
+        StringBuilder queryString = new StringBuilder();
+        for (Map.Entry<String, String> entry : params.entrySet()) {
+            if (queryString.length() > 0) {
+                queryString.append("&");
+            }
+            queryString.append(entry.getKey());
+            queryString.append("=");
+            queryString.append(entry.getValue());
+        }
+        return queryString.toString();
+    }
+
     public static class GitAccessTokenRequest {
 
         private String clientId;
@@ -243,14 +257,14 @@ public String toString() {
     @JsonIgnoreProperties(ignoreUnknown = true)
     public static class GitAccessTokenResponse {
 
-        private String accessToken;
+        private String access_token;
 
-        public String getAccessToken() {
-            return accessToken;
+        public String getAccess_token() {
+            return access_token;
         }
 
-        public void setAccessToken(String accessToken) {
-            this.accessToken = accessToken;
+        public void setAccess_token(String access_token) {
+            this.access_token = access_token;
         }
     }