Fix Oauth issues with use_secure_urls=true (#9722)

CHANGELOG.md

@@ -11,6 +11,7 @@
 - Fix plugin "virtuser_file" to handle backward slashes in username (#9668)
 - Fix PHP fatal error when parsing some malformed BODYSTRUCTURE responses (#9689)
 - Fix insert_or_update() and reading database server config on PostgreSQL (#9710)
+- Fix Oauth issues with use_secure_urls=true (#9722)
 
 ## Release 1.6.9
 

program/actions/login/oauth.php

@@ -66,8 +66,7 @@ public function run($args = [])
                     unset($redir['abort'], $redir['_err']);
 
                     // send redirect
-                    header('Location: ' . $rcmail->url($redir, true, false));
-                    exit;
+                    $rcmail->output->redirect($redir, 0, true);
                 }
                 else {
                     $rcmail->output->show_message('loginfailed', 'warning');

program/include/rcmail_oauth.php

@@ -121,11 +121,20 @@ public function is_enabled()
      */
     public function get_redirect_uri()
     {
-        $url = $this->rcmail->url([], true, true);
+        $url = $this->rcmail->url([]);
 
         // rewrite redirect URL to not contain query parameters because some providers do not support this
         $url = preg_replace('/\?.*/', '', $url);
 
+        // Get rid of the use_secure_urls token from the path
+        // It can happen after you log out that the token is still in the current request path
+        if ($len = $this->rcmail->config->get('use_secure_urls')) {
+             $length = $len > 1 ? $len : 16;
+             $url = preg_replace("~^/[0-9a-zA-Z]{{$length}}/~", '/', $url);
+        }
+
+        $url = rcube_utils::resolve_url($url);
+
         return slashify($url) . 'index.php/login/oauth';
     }