Authentication fixes: grant_type and json response handling

* sends `grant_type` parameter for code exchange
* accepts both form-encoded and json responses from token endpoint

diff --git a/src/shpub/Command/Connect.php b/src/shpub/Command/Connect.php
index 66342670235bb155ba459c1746b641ed2f74f58a..748e905f73ee64a9dba2ee8e83bf77b8fe835b58 100644 (file)
--- a/src/shpub/Command/Connect.php
+++ b/src/shpub/Command/Connect.php
@@ -126,6 +126,7 @@ class Command_Connect
         $req->setBody(
             http_build_query(
                 [
+                    'grant_type'   => 'authorization_code',
                     'me'           => $userUrl,
                     'code'         => $code,
                     'redirect_uri' => $redirect_uri,
@@ -141,11 +142,14 @@ class Command_Connect
             Log::err($res->getBody());
             exit(2);
         }
-        if ($res->getHeader('content-type') != 'application/x-www-form-urlencoded') {
+        if ($res->getHeader('content-type') == 'application/x-www-form-urlencoded') {
+            parse_str($res->getBody(), $tokenParams);
+        } elseif ($res->getHeader('content-type') == 'application/json') {
+            $tokenParams = json_decode($res->getBody(), true);
+        } else {
             Log::err('Wrong content type in auth verification response');
             exit(2);
         }
-        parse_str($res->getBody(), $tokenParams);
         if (!isset($tokenParams['access_token'])) {
             Log::err('"access_token" missing');
             exit(2);