From f3c65626ba2858618665528114c85509b74a157f Mon Sep 17 00:00:00 2001
From: Simon Woolf <simon@ably.io>
Date: Thu, 3 Dec 2015 18:02:44 +0000
Subject: [PATCH] Form- (not json-) encode auth-params when POSTing to authUrl

---
 common/lib/client/auth.js | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/common/lib/client/auth.js b/common/lib/client/auth.js
index 874f6866e3..796dcefce1 100644
--- a/common/lib/client/auth.js
+++ b/common/lib/client/auth.js
@@ -262,7 +262,16 @@ var Auth = (function() {
 				};
 				Logger.logAction(Logger.LOG_MICRO, 'Auth.requestToken().tokenRequestCallback', 'Sending; ' + authOptions.authUrl + '; Params: ' + JSON.stringify(authParams));
 				if(authOptions.authMethod && authOptions.authMethod.toLowerCase() === 'post') {
-					Http.postUri(rest, authOptions.authUrl, authHeaders || {}, authParams, {}, authUrlRequestCallback);
+					var headers = authHeaders || {};
+					if(typeof(authParams) === 'object') {
+						/* send body form-encoded */
+						headers['content-type'] = "application/x-www-form-urlencoded";
+						body = Utils.toQueryString(authParams).slice(1); /* slice is to remove the initial '?' */
+					} else {
+						headers['content-type'] = "text/plain";
+						body = authParams;
+					}
+					Http.postUri(rest, authOptions.authUrl, headers, body, {}, authUrlRequestCallback);
 				} else {
 					Http.getUri(rest, authOptions.authUrl, authHeaders || {}, authParams, authUrlRequestCallback);
 				}