[gnome-online-accounts/wip/oauth2: 6/10] oauth2: Use POST to request access token with authorization code grant

[Debarshi Ray <debarshir src gnome org>]

commit deafdb166d66a2489ecafaeac7a87d48e3ebe459
Author: Debarshi Ray <debarshir gnome org>
Date:   Thu Sep 13 14:37:36 2012 +0200

    oauth2: Use POST to request access token with authorization code grant
    
    GET was chosen in 0b39d4c9c39d82084baf486d796f5fdad84cd2cc because of
    a bug in earlier versions of Windows Live's OAuth 2.0 implementation
    that rejected POST as "service temporarily unavailable". See:
    http://windowsteamblog.com/windows_live/b/windowslive/archive/2011/12/14/anyone-can-build-a-windows-live-messenger-client-with-open-standards-access-via-xmpp.aspx
    
    That bug has now been fixed by Microsoft.
    
    Moreover, Google's OAuth 2.0 implementation does not work with GET.
    
    See: http://tools.ietf.org/html/draft-ietf-oauth-v2-31#section-4.1.3

 src/goabackend/goaoauth2provider.c |    3 ++-
 1 files changed, 2 insertions(+), 1 deletions(-)
---
diff --git a/src/goabackend/goaoauth2provider.c b/src/goabackend/goaoauth2provider.c
index 3eab89b..111ef4b 100644
--- a/src/goabackend/goaoauth2provider.c
+++ b/src/goabackend/goaoauth2provider.c
@@ -489,7 +489,8 @@ get_tokens_sync (GoaOAuth2Provider  *provider,
   proxy = rest_proxy_new (goa_oauth2_provider_get_token_uri (provider), FALSE);
   call = rest_proxy_new_call (proxy);
 
-  rest_proxy_call_set_method (call, "GET");
+  rest_proxy_call_set_method (call, "POST");
+  rest_proxy_call_add_header (call, "Content-Type", "application/x-www-form-urlencoded");
   rest_proxy_call_add_param (call, "client_id", goa_oauth2_provider_get_client_id (provider));
   rest_proxy_call_add_param (call, "redirect_uri", goa_oauth2_provider_get_redirect_uri (provider));