From 1d2f32fd7ec746b63ccc1fbc66878bfb8cc39a46 Mon Sep 17 00:00:00 2001
From: Aaron Parecki <aaron@parecki.com>
Date: Tue, 14 Mar 2017 10:49:26 -0700
Subject: [PATCH] Authentication fixes: grant_type and json response handling

* sends `grant_type` parameter for code exchange
* accepts both form-encoded and json responses from token endpoint
---
 src/shpub/Command/Connect.php | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/src/shpub/Command/Connect.php b/src/shpub/Command/Connect.php
index 6634267..748e905 100644
--- a/src/shpub/Command/Connect.php
+++ b/src/shpub/Command/Connect.php
@@ -126,6 +126,7 @@ class Command_Connect
         $req->setBody(
             http_build_query(
                 [
+                    'grant_type'   => 'authorization_code',
                     'me'           => $userUrl,
                     'code'         => $code,
                     'redirect_uri' => $redirect_uri,
@@ -141,11 +142,14 @@ class Command_Connect
             Log::err($res->getBody());
             exit(2);
         }
-        if ($res->getHeader('content-type') != 'application/x-www-form-urlencoded') {
+        if ($res->getHeader('content-type') == 'application/x-www-form-urlencoded') {
+            parse_str($res->getBody(), $tokenParams);
+        } elseif ($res->getHeader('content-type') == 'application/json') {
+            $tokenParams = json_decode($res->getBody(), true);
+        } else {
             Log::err('Wrong content type in auth verification response');
             exit(2);
         }
-        parse_str($res->getBody(), $tokenParams);
         if (!isset($tokenParams['access_token'])) {
             Log::err('"access_token" missing');
             exit(2);
-- 
2.30.2