summaryrefslogtreecommitdiff
path: root/lib/curl_sasl.c
diff options
context:
space:
mode:
authorMert Yazıcıoğlu <mert@mertyazicioglu.com>2018-12-16 15:45:40 +0300
committerJay Satiro <raysatiro@yahoo.com>2019-04-02 15:52:12 -0400
commit6227e2bd07246de7a751b8de8cece6020802c264 (patch)
tree88884a9f188bcdb816ae5e7e31182999c4be3530 /lib/curl_sasl.c
parentd110d96b981fb0d0df54ded3f7fc876be891e2e3 (diff)
downloadcurl-6227e2bd07246de7a751b8de8cece6020802c264.tar.gz
vauth/oauth2: Fix OAUTHBEARER token generation
OAUTHBEARER tokens were incorrectly generated in a format similar to XOAUTH2 tokens. These changes make OAUTHBEARER tokens conform to the RFC7628. Fixes: #2487 Reported-by: Paolo Mossino Closes https://github.com/curl/curl/pull/3377
Diffstat (limited to 'lib/curl_sasl.c')
-rw-r--r--lib/curl_sasl.c14
1 files changed, 6 insertions, 8 deletions
diff --git a/lib/curl_sasl.c b/lib/curl_sasl.c
index 9e1a72e5e..456e08325 100644
--- a/lib/curl_sasl.c
+++ b/lib/curl_sasl.c
@@ -357,10 +357,9 @@ CURLcode Curl_sasl_start(struct SASL *sasl, struct connectdata *conn,
sasl->authused = SASL_MECH_XOAUTH2;
if(force_ir || data->set.sasl_ir)
- result = Curl_auth_create_oauth_bearer_message(data, conn->user,
- NULL, 0,
- conn->oauth_bearer,
- &resp, &len);
+ result = Curl_auth_create_xoauth_bearer_message(data, conn->user,
+ conn->oauth_bearer,
+ &resp, &len);
}
else if(enabledmechs & SASL_MECH_PLAIN) {
mech = SASL_MECH_STRING_PLAIN;
@@ -562,10 +561,9 @@ CURLcode Curl_sasl_continue(struct SASL *sasl, struct connectdata *conn,
newstate = SASL_OAUTH2_RESP;
}
else
- result = Curl_auth_create_oauth_bearer_message(data, conn->user,
- NULL, 0,
- conn->oauth_bearer,
- &resp, &len);
+ result = Curl_auth_create_xoauth_bearer_message(data, conn->user,
+ conn->oauth_bearer,
+ &resp, &len);
break;
case SASL_OAUTH2_RESP: