OAuth params

2 years ago · 101f8f2028
parent 6e8951681c
commit 101f8f2028
2 changed files with 13 additions and 1 deletions
--- a/app/src/main/java/eu/faircode/email/ServiceAuthenticator.java
+++ b/app/src/main/java/eu/faircode/email/ServiceAuthenticator.java
@ -24,6 +24,7 @@ import static eu.faircode.email.GmailState.TYPE_GOOGLE;
 import android.accounts.AuthenticatorException;
 import android.accounts.OperationCanceledException;
 import android.content.Context;
+import android.text.TextUtils;

 import androidx.annotation.NonNull;

@ -41,6 +42,8 @@ import org.json.JSONException;

 import java.io.IOException;
 import java.util.Date;
+import java.util.LinkedHashMap;
+import java.util.Map;
 import java.util.Objects;
 import java.util.concurrent.Semaphore;
 import java.util.concurrent.TimeUnit;
@ -182,6 +185,10 @@ public class ServiceAuthenticator extends Authenticator {
            ErrorHolder holder = new ErrorHolder();
            Semaphore semaphore = new Semaphore(0);

+            Map<String, String> params = new LinkedHashMap<>();
+            if (provider.oauth.tokenScopes)
+                params.put("scope", TextUtils.join(" ", provider.oauth.scopes));
+
            Log.i("OAuth refresh user=" + id + ":" + user);
            AppAuthConfiguration config = new AppAuthConfiguration.Builder()
                    .setBrowserMatcher(new BrowserMatcher() {
@ -195,6 +202,7 @@ public class ServiceAuthenticator extends Authenticator {
            authState.performActionWithFreshTokens(
                    authService,
                    clientAuth,
+                    //params,
                    new AuthState.AuthStateAction() {
                        @Override
                        public void execute(String accessToken, String idToken, AuthorizationException error) {
--- a/app/src/main/res/xml/providers.xml
+++ b/app/src/main/res/xml/providers.xml
@ -189,7 +189,11 @@
            redirectUri="msauth.eu.faircode.email://auth"
            scopes="profile,openid,email,offline_access,https://outlook.office.com/IMAP.AccessAsUser.All,https://outlook.office.com/SMTP.Send,https://outlook.office.com/POP.AccessAsUser.All"
            tokenEndpoint="https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token"
-            tokenScopes="true" />
+            tokenScopes="true">
+            <!--parameter
+                key="domain_hint"
+                value="9188040d-6c67-4c5b-b112-36a304b66dad" /-->
+        </oauth>
        <!-- https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow -->
        <!-- https://docs.microsoft.com/en-us/exchange/client-developer/legacy-protocols/how-to-authenticate-an-imap-pop-smtp-application-by-using-oauth -->
        <!-- https://learn.microsoft.com/en-us/azure/active-directory/develop/redirect-uris-ios -->