Add missing `Authorization` header on MAL refresh token request (#7686)

* Add missing Authorization header on MAL refresh token request. * Make sure to also close the response when it have failed. (cherry picked from commit 5315467908)
2 years ago · 03e4eb1061
parent 09a3509d79
commit 03e4eb1061
2 changed files with 28 additions and 6 deletions
--- a/app/src/main/java/eu/kanade/tachiyomi/data/track/myanimelist/MyAnimeListApi.kt
+++ b/app/src/main/java/eu/kanade/tachiyomi/data/track/myanimelist/MyAnimeListApi.kt
@ -22,6 +22,7 @@ import kotlinx.serialization.json.jsonArray
 import kotlinx.serialization.json.jsonObject
 import kotlinx.serialization.json.jsonPrimitive
 import okhttp3.FormBody
 import okhttp3.Headers
 import okhttp3.OkHttpClient
 import okhttp3.Request
 import okhttp3.RequestBody
@ -256,13 +257,21 @@ class MyAnimeListApi(private val client: OkHttpClient, interceptor: MyAnimeListI
            .appendPath("my_list_status")
            .build()
-        fun refreshTokenRequest(refreshToken: String): Request {
+        fun refreshTokenRequest(oauth: OAuth): Request {
            val formBody: RequestBody = FormBody.Builder()
                .add("client_id", clientId)
-                .add("refresh_token", refreshToken)
+                .add("refresh_token", oauth.refresh_token)
                .add("grant_type", "refresh_token")
                .build()
-            return POST("$baseOAuthUrl/token", body = formBody)
+
            // Add the Authorization header manually as this particular
            // request is called by the interceptor itself so it doesn't reach
            // the part where the token is added automatically.
            val headers = Headers.Builder()
                .add("Authorization", "Bearer ${oauth.access_token}")
                .build()
            return POST("$baseOAuthUrl/token", body = formBody, headers = headers)
        }
        private fun getPkceChallengeCode(): String {
--- a/app/src/main/java/eu/kanade/tachiyomi/data/track/myanimelist/MyAnimeListInterceptor.kt
+++ b/app/src/main/java/eu/kanade/tachiyomi/data/track/myanimelist/MyAnimeListInterceptor.kt
@ -1,9 +1,11 @@
 package eu.kanade.tachiyomi.data.track.myanimelist
 import eu.kanade.tachiyomi.network.parseAs
 import kotlinx.serialization.decodeFromString
 import kotlinx.serialization.json.Json
 import okhttp3.Interceptor
 import okhttp3.Response
 import okhttp3.internal.closeQuietly
 import uy.kohesive.injekt.injectLazy
 import java.io.IOException
@ -24,11 +26,22 @@ class MyAnimeListInterceptor(private val myanimelist: MyAnimeList, private var t
        }
        // Refresh access token if expired
        if (oauth != null && oauth!!.isExpired()) {
-            chain.proceed(MyAnimeListApi.refreshTokenRequest(oauth!!.refresh_token)).use {
+            val newOauth = runCatching {
-                if (it.isSuccessful) {
+                val oauthResponse = chain.proceed(MyAnimeListApi.refreshTokenRequest(oauth!!))
-                    setAuth(json.decodeFromString(it.body!!.string()))
+
                if (oauthResponse.isSuccessful) {
                    oauthResponse.parseAs<OAuth>()
                } else {
                    oauthResponse.closeQuietly()
                    null
                }
            }
            if (newOauth.getOrNull() == null) {
                throw IOException("Failed to refresh the access token")
            }
            setAuth(newOauth.getOrNull())
        }
        if (oauth == null) {
            throw IOException("No authentication token")