From f4a26770fcaa9d6bbf6265ec5c7a71c890385d98 Mon Sep 17 00:00:00 2001
From: David Kocher <dkocher@iterate.ch>
Date: Mon, 15 Apr 2024 15:41:09 +0200
Subject: [PATCH] Do not add bearer authorization for pre-authenticated
 download URLs. > Preauthenticated download URLs are only valid for a short
 period of time (a few minutes) and don't require an Authorization header to
 download.

---
 .../main/java/ch/cyberduck/core/onedrive/GraphSession.java  | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/onedrive/src/main/java/ch/cyberduck/core/onedrive/GraphSession.java b/onedrive/src/main/java/ch/cyberduck/core/onedrive/GraphSession.java
index bbfa3ec5951..5f5ab9e4ee2 100644
--- a/onedrive/src/main/java/ch/cyberduck/core/onedrive/GraphSession.java
+++ b/onedrive/src/main/java/ch/cyberduck/core/onedrive/GraphSession.java
@@ -62,6 +62,8 @@
 import java.util.Optional;
 import java.util.Set;
 
+import static org.apache.http.client.protocol.HttpClientContext.REDIRECT_LOCATIONS;
+
 public abstract class GraphSession extends HttpSession<OneDriveAPI> {
     private static final Logger log = LogManager.getLogger(GraphSession.class);
 
@@ -135,7 +137,9 @@ protected OneDriveAPI connect(final Proxy proxy, final HostKeyCallback key, fina
             @Override
             public void process(final HttpRequest request, final HttpContext context) throws HttpException, IOException {
                 if(request.containsHeader(HttpHeaders.AUTHORIZATION)) {
-                    super.process(request, context);
+                    if(context.getAttribute(REDIRECT_LOCATIONS) == null) {
+                        super.process(request, context);
+                    }
                 }
             }
         }.withRedirectUri(host.getProtocol().getOAuthRedirectUrl())