From a49668031d47786762eb81822d60cafcb9ef89b7 Mon Sep 17 00:00:00 2001
From: Stephen Birarda <commit@birarda.com>
Date: Thu, 1 May 2014 14:49:58 -0700
Subject: [PATCH] send a request for an access token after receiving auth code

---
 domain-server/src/DomainServer.cpp | 37 +++++++++++++++++++++++++-----
 domain-server/src/DomainServer.h   |  3 +++
 2 files changed, 34 insertions(+), 6 deletions(-)

diff --git a/domain-server/src/DomainServer.cpp b/domain-server/src/DomainServer.cpp
index caca8d74c1..5f5c67e82f 100644
--- a/domain-server/src/DomainServer.cpp
+++ b/domain-server/src/DomainServer.cpp
@@ -435,6 +435,13 @@ void DomainServer::handleConnectRequest(const QByteArray& packet, const HifiSock
     }
 }
 
+QUrl DomainServer::oauthRedirectURL() {
+    return QString("https://%1:%2/oauth").arg(_hostname).arg(_httpsManager->serverPort());
+}
+
+const QString OAUTH_CLIENT_ID_QUERY_KEY = "client_id";
+const QString OAUTH_REDIRECT_URI_QUERY_KEY = "redirect_uri";
+
 QUrl DomainServer::oauthAuthorizationURL() {
     // for now these are all interface clients that have a GUI
     // so just send them back the full authorization URL
@@ -445,7 +452,6 @@ QUrl DomainServer::oauthAuthorizationURL() {
     
     QUrlQuery authorizationQuery;
     
-    const QString OAUTH_CLIENT_ID_QUERY_KEY = "client_id";
     authorizationQuery.addQueryItem(OAUTH_CLIENT_ID_QUERY_KEY, _oauthClientID);
     
     const QString OAUTH_RESPONSE_TYPE_QUERY_KEY = "response_type";
@@ -456,10 +462,7 @@ QUrl DomainServer::oauthAuthorizationURL() {
     // create a new UUID that will be the state parameter for oauth authorization AND the new session UUID for that node
     authorizationQuery.addQueryItem(OAUTH_STATE_QUERY_KEY, uuidStringWithoutCurlyBraces(QUuid::createUuid()));
     
-    QString redirectURL = QString("https://%1:%2/oauth").arg(_hostname).arg(_httpsManager->serverPort());
-    
-    const QString OAUTH_REDIRECT_URI_QUERY_KEY = "redirect_uri";
-    authorizationQuery.addQueryItem(OAUTH_REDIRECT_URI_QUERY_KEY, redirectURL);
+    authorizationQuery.addQueryItem(OAUTH_REDIRECT_URI_QUERY_KEY, oauthRedirectURL().toString());
     
     authorizationURL.setQuery(authorizationQuery);
     
@@ -1036,13 +1039,31 @@ bool DomainServer::handleHTTPRequest(HTTPConnection* connection, const QUrl& url
 bool DomainServer::handleHTTPSRequest(HTTPSConnection* connection, const QUrl &url) {
     const QString URI_OAUTH = "/oauth";
     if (url.path() == URI_OAUTH) {
-        qDebug() << "Handling an OAuth authorization.";
         
         const QString CODE_QUERY_KEY = "code";
         QString authorizationCode = QUrlQuery(url).queryItemValue(CODE_QUERY_KEY);
         
         if (!authorizationCode.isEmpty()) {
+            // fire off a request with this code and state to get an access token for the user
+            static QNetworkAccessManager* networkAccessManager = new QNetworkAccessManager(this);
             
+            const QString OAUTH_TOKEN_REQUEST_PATH = "/oauth/token";
+            QUrl tokenRequestUrl = _oauthProviderURL;
+            tokenRequestUrl.setPath(OAUTH_TOKEN_REQUEST_PATH);
+            
+            const QString OAUTH_GRANT_TYPE_POST_STRING = "grant_type=authorization_code";
+            QString tokenPostBody = OAUTH_GRANT_TYPE_POST_STRING;
+            tokenPostBody += QString("&code=%1&redirect_uri=%2&client_id=%3&client_secret=%4")
+                .arg(authorizationCode, oauthRedirectURL().toString(), _oauthClientID, _oauthClientSecret);
+            tokenPostBody += "&state=MOTHERFUKCINGSTATE";
+            
+            QNetworkRequest tokenRequest(tokenRequestUrl);
+            tokenRequest.setHeader(QNetworkRequest::ContentTypeHeader, "application/x-www-form-urlencoded");
+            
+            networkAccessManager->post(QNetworkRequest(tokenRequestUrl), tokenPostBody.toLocal8Bit());
+            
+            connect(networkAccessManager, &QNetworkAccessManager::finished,
+                    this, &DomainServer::handleAuthCodeRequestFinished);
         }
         
         // respond with a 200 code indicating that login is complete
@@ -1054,6 +1075,10 @@ bool DomainServer::handleHTTPSRequest(HTTPSConnection* connection, const QUrl &u
     }
 }
 
+void DomainServer::handleAuthCodeRequestFinished(QNetworkReply* networkReply) {
+    qDebug() << "response for auth code request" << networkReply->readAll();
+}
+
 void DomainServer::refreshStaticAssignmentAndAddToQueue(SharedAssignmentPointer& assignment) {
     QUuid oldUUID = assignment->getUUID();
     assignment->resetUUID();
diff --git a/domain-server/src/DomainServer.h b/domain-server/src/DomainServer.h
index fa01459554..f19e7cf3c1 100644
--- a/domain-server/src/DomainServer.h
+++ b/domain-server/src/DomainServer.h
@@ -78,8 +78,11 @@ private:
     void refreshStaticAssignmentAndAddToQueue(SharedAssignmentPointer& assignment);
     void addStaticAssignmentsToQueue();
     
+    QUrl oauthRedirectURL();
     QUrl oauthAuthorizationURL();
     
+    void handleAuthCodeRequestFinished(QNetworkReply* networkReply);
+    
     QJsonObject jsonForSocket(const HifiSockAddr& socket);
     QJsonObject jsonObjectForNode(const SharedNodePointer& node);