lib/uaa/token_issuer.rb in cf-uaa-lib-3.14.4 vs lib/uaa/token_issuer.rb in cf-uaa-lib-4.0.0
- old
+ new
@@ -11,10 +11,11 @@
# subcomponent's license, as noted in the LICENSE file.
#++
require 'securerandom'
require 'uaa/http'
+require 'cgi'
module CF::UAA
# The TokenInfo class is returned by various TokenIssuer methods. It holds access
# and refresh tokens as well as token meta-data such as token type and
@@ -70,12 +71,17 @@
# returns a CF::UAA::TokenInfo object which includes the access token and metadata.
def request_token(params)
if scope = Util.arglist(params.delete(:scope))
params[:scope] = Util.strlist(scope)
end
- headers = {'content-type' => FORM_UTF8, 'accept' => JSON_UTF8,
- 'authorization' => Http.basic_auth(@client_id, @client_secret) }
+ headers = {'content-type' => FORM_UTF8, 'accept' => JSON_UTF8}
+ if @basic_auth
+ headers['authorization'] = Http.basic_auth(@client_id, @client_secret)
+ else
+ headers['X-CF-ENCODED-CREDENTIALS'] = 'true'
+ headers['authorization'] = Http.basic_auth(CGI.escape(@client_id), CGI.escape(@client_secret))
+ end
reply = json_parse_reply(@key_style, *request(@token_target, :post,
'/oauth/token', Util.encode_form(params), headers))
raise BadResponse unless reply[jkey :token_type] && reply[jkey :access_token]
TokenInfo.new(reply)
end
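Review bot: In the `else` branch of `request_token`, `CGI.escape(@client_secret)` raises when `@client_secret` is nil, and the constructor shown further down declares `client_secret = nil` as its default. The removed code passed the value straight to `Http.basic_auth`, so a client without a secret that reached this method did not fail at this line; how `Http.basic_auth` itself treats nil is not visible here. Consider `Http.basic_auth(CGI.escape(@client_id.to_s), CGI.escape(@client_secret.to_s))`, or setting the authorization header only when a secret is present. A short comment explaining why `X-CF-ENCODED-CREDENTIALS` is sent alongside the escaped values would also help; presumably it tells the server to URL-decode the Basic credentials.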
@@ -107,9 +113,10 @@
# * +:symbolize_keys+, if true, returned hash keys are symbols.
def initialize(target, client_id, client_secret = nil, options = {})
@target, @client_id, @client_secret = target, client_id, client_secret
@token_target = options[:token_target] || target
@key_style = options[:symbolize_keys] ? :sym : nil
+ @basic_auth = options[:basic_auth] == true ? true : false
initialize_http_options(options)
end
# Allows an app to discover what credentials are required for
# {#implicit_grant_with_creds}.
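Review bot: The new `:basic_auth` option is read on the `@basic_auth` line, but the option list above `initialize` does not document it in the part visible here, which shows only the `:symbolize_keys` bullet. Because it selects how the client credentials are put on the wire in `request_token`, it deserves its own bullet, for example `# * +:basic_auth+, if true, client credentials are sent as plain HTTP Basic auth without URL-encoding.` The strict `== true` test also means a truthy value such as the string `'true'` silently selects the encoded path, which is worth stating in that bullet. The ternary is redundant: `@basic_auth = options[:basic_auth] == true` already yields a boolean.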