Get unique state ID via http handler too.

src/network-web/oauth2service.cpp

@@ -48,7 +48,7 @@ OAuth2Service::OAuth2Service(const QString& id_string, const QString& auth_url,
   : QObject(parent), m_timerId(-1), m_tokensExpireIn(QDateTime()) {
 
   if (id_string.isEmpty()) {
-    m_id = "somerandomstring";
+    m_id = QString::number(std::rand());
   }
   else {
     m_id = id_string;
@@ -66,9 +66,19 @@ OAuth2Service::OAuth2Service(const QString& id_string, const QString& auth_url,
   connect(&m_networkManager, SIGNAL(finished(QNetworkReply*)), this, SLOT(tokenRequestFinished(QNetworkReply*)));
 
 #if !defined(USE_WEBENGINE)
-  connect(handler(), &OAuthHttpHandler::authGranted, this, &OAuth2Service::retrieveAccessToken);
+  connect(handler(), &OAuthHttpHandler::authGranted, [this](const QString& auth_code, const QString& id) {
-  connect(handler(), &OAuthHttpHandler::authRejected, [this](const QString& error_description) {
+    if (id.isEmpty() || id == m_id) {
+      // We process this further only if handler (static singleton) responded to our original request.
+      retrieveAccessToken(auth_code);
+    }
+  });
+  connect(handler(), &OAuthHttpHandler::authRejected, [this](const QString& error_description, const QString& id) {
+    Q_UNUSED(error_description)
+
+    if (id.isEmpty() || id == m_id) {
+      // We process this further only if handler (static singleton) responded to our original request.
       emit authFailed();
+    }
   });
 #endif
 }

src/network-web/oauthhttphandler.cpp

@@ -15,7 +15,7 @@ OAuthHttpHandler::OAuthHttpHandler(QObject* parent) : QObject(parent) {
 
   connect(&m_httpServer, &QTcpServer::newConnection, this, &OAuthHttpHandler::clientConnected);
 
-  if (!m_httpServer.listen(m_listenAddress, 80)) {
+  if (!m_httpServer.listen(m_listenAddress, 13377)) {
     qCritical("OAuth HTTP handler: Failed to start listening.");
   }
 }
@@ -49,18 +49,18 @@ void OAuthHttpHandler::handleRedirection(const QVariantMap& data) {
     const QString description = data.value(QSL("error_description")).toString();
 
     qWarning("OAuth HTTP handler: AuthenticationError: %s(%s): %s", qPrintable(error), qPrintable(uri), qPrintable(description));
-    emit authRejected(description);
+    emit authRejected(description, received_state);
   }
   else if (code.isEmpty()) {
     qWarning("OAuth HTTP handler: AuthenticationError: Code not received");
-    emit authRejected(QSL("AuthenticationError: Code not received"));
+    emit authRejected(QSL("AuthenticationError: Code not received"), received_state);
   }
   else if (received_state.isEmpty()) {
     qWarning("OAuth HTTP handler: State not received");
-    emit authRejected(QSL("State not received"));
+    emit authRejected(QSL("State not received"), received_state);
   }
   else {
-    emit authGranted(code);
+    emit authGranted(code, received_state);
   }
 }
 

src/network-web/oauthhttphandler.h

@@ -16,8 +16,8 @@ class OAuthHttpHandler : public QObject {
     virtual ~OAuthHttpHandler();
 
   signals:
-    void authRejected(const QString& error_description);
+    void authRejected(const QString& error_description, const QString& state = QString());
-    void authGranted(const QString& auth_code);
+    void authGranted(const QString& auth_code, const QString& state);
 
   private slots:
     void clientConnected();

src/services/gmail/gui/formeditgmailaccount.cpp

@@ -15,6 +15,13 @@ FormEditGmailAccount::FormEditGmailAccount(QWidget* parent) : QDialog(parent),
   m_ui.setupUi(this);
 
   GuiUtilities::setLabelAsNotice(*m_ui.m_lblAuthInfo, true);
+
+#if !defined(USE_WEBENGINE)
+  m_ui.m_lblAuthInfo->setText(tr("You must use \"%1\" as base redirect URL. You can use custom port to make sure "
+                                 "that no local service occupies it. Make sure that this redirect URL matches redirect "
+                                 "URL of used \"application\".").arg(LOCALHOST_ADDRESS));
+#endif
+
   GuiUtilities::applyDialogProperties(*this, qApp->icons()->miscIcon(QSL("gmail")));
 
   m_ui.m_lblTestResult->setStatus(WidgetWithStatus::StatusType::Information,

src/services/inoreader/gui/formeditinoreaderaccount.cpp

@@ -17,6 +17,12 @@ FormEditInoreaderAccount::FormEditInoreaderAccount(QWidget* parent) : QDialog(pa
   GuiUtilities::setLabelAsNotice(*m_ui.m_lblAuthInfo, true);
   GuiUtilities::applyDialogProperties(*this, qApp->icons()->miscIcon(QSL("inoreader")));
 
+#if !defined(USE_WEBENGINE)
+  m_ui.m_lblAuthInfo->setText(tr("You must use \"%1\" as base redirect URL. You can use custom port to make sure "
+                                 "that no local service occupies it. Make sure that this redirect URL matches redirect "
+                                 "URL of used \"application\".").arg(LOCALHOST_ADDRESS));
+#endif
+
   m_ui.m_lblTestResult->setStatus(WidgetWithStatus::StatusType::Information,
                                   tr("Not tested yet."),
                                   tr("Not tested yet."));