Merge pull request #15033 from iterate-ch/bugfix/GH-15031

Fix #15031
iterate-ch · Aug 25, 2023 · 8c61bb4 · 8c61bb4
2 parents cd01d85 + 6851d8e
commit 8c61bb4
Show file tree

Hide file tree

Showing 3 changed files with 12 additions and 7 deletions.
diff --git a/dropbox/src/main/java/ch/cyberduck/core/dropbox/DropboxSession.java b/dropbox/src/main/java/ch/cyberduck/core/dropbox/DropboxSession.java
@@ -28,7 +28,6 @@
 import ch.cyberduck.core.UseragentProvider;
 import ch.cyberduck.core.exception.BackgroundException;
 import ch.cyberduck.core.exception.ConnectionCanceledException;
-import ch.cyberduck.core.exception.LoginCanceledException;
 import ch.cyberduck.core.features.*;
 import ch.cyberduck.core.http.DefaultHttpRateLimiter;
 import ch.cyberduck.core.http.HttpSession;
@@ -77,7 +76,8 @@ public DropboxSession(final Host host, final X509TrustManager trust, final X509K
     protected CustomDbxRawClientV2 connect(final Proxy proxy, final HostKeyCallback callback, final LoginCallback prompt, final CancelCallback cancel) throws ConnectionCanceledException {
         final HttpClientBuilder configuration = builder.build(proxy, this, prompt);
         authorizationService = new OAuth2RequestInterceptor(configuration.build(), host, prompt)
-                .withRedirectUri(host.getProtocol().getOAuthRedirectUrl());
+                .withRedirectUri(host.getProtocol().getOAuthRedirectUrl())
+                .withParameter("token_access_type", "offline");
         configuration.addInterceptorLast(authorizationService);
         configuration.setServiceUnavailableRetryStrategy(new OAuth2ErrorResponseInterceptor(host, authorizationService, prompt));
         if(new HostPreferences(host).getBoolean("dropbox.limit.requests.enable")) {

diff --git a/oauth/src/main/java/ch/cyberduck/core/oauth/OAuth2AuthorizationService.java b/oauth/src/main/java/ch/cyberduck/core/oauth/OAuth2AuthorizationService.java
@@ -152,7 +152,7 @@ public OAuthTokens authorize(final Host bookmark, final LoginCallback prompt, fi
         // Save access key and refresh key
         return credentials.withOauth(new OAuthTokens(
                 response.getAccessToken(), response.getRefreshToken(),
-                null == response.getExpiresInSeconds() ? System.currentTimeMillis() :
+                null == response.getExpiresInSeconds() ? Long.MAX_VALUE :
                         System.currentTimeMillis() + response.getExpiresInSeconds() * 1000)).withSaved(new LoginOptions().keychain).getOauth();
     }
 
@@ -249,7 +249,9 @@ private TokenResponse authorizeWithPassword(final Credentials credentials) throw
 
     public OAuthTokens refresh(final OAuthTokens tokens) throws BackgroundException {
         if(StringUtils.isBlank(tokens.getRefreshToken())) {
-            log.warn("Missing refresh token");
+            if(log.isWarnEnabled()) {
+                log.warn(String.format("Missing refresh token in %s", tokens));
+            }
             return tokens;
         }
         if(log.isDebugEnabled()) {

diff --git a/oauth/src/main/java/ch/cyberduck/core/oauth/OAuth2RequestInterceptor.java b/oauth/src/main/java/ch/cyberduck/core/oauth/OAuth2RequestInterceptor.java
@@ -19,7 +19,6 @@
 import ch.cyberduck.core.HostPasswordStore;
 import ch.cyberduck.core.HostUrlProvider;
 import ch.cyberduck.core.LoginCallback;
-import ch.cyberduck.core.LoginOptions;
 import ch.cyberduck.core.OAuthTokens;
 import ch.cyberduck.core.PasswordStoreFactory;
 import ch.cyberduck.core.Scheme;
@@ -93,7 +92,6 @@ public OAuthTokens refresh(final OAuthTokens previous) throws BackgroundExceptio
      * @return Same tokens saved
      */
     public OAuthTokens save(final OAuthTokens tokens) throws LocalAccessDeniedException {
-        host.getCredentials().withOauth(tokens).withSaved(new LoginOptions().keychain);
         if(log.isDebugEnabled()) {
             log.debug(String.format("Save new tokens %s for %s", tokens, host));
         }
@@ -105,7 +103,12 @@ public OAuthTokens save(final OAuthTokens tokens) throws LocalAccessDeniedExcept
     public void process(final HttpRequest request, final HttpContext context) throws HttpException, IOException {
         if(tokens.isExpired()) {
             try {
-                this.save(this.refresh(tokens));
+                final OAuthTokens previous = tokens;
+                final OAuthTokens refreshed = this.refresh(tokens);
+                // Skip saving tokens when not changed
+                if(!refreshed.equals(previous)) {
+                    this.save(refreshed);
+                }
             }
             catch(BackgroundException e) {
                 log.warn(String.format("Failure %s refreshing OAuth tokens %s", e, tokens));