Add missing `Authorization` header on MAL refresh token request (#7686)

* Add missing Authorization header on MAL refresh token request.

* Make sure to also close the response when it have failed.

(cherry picked from commit 531546790853dd9adb91777de8d9560a610c4838)

app/src/main/java/eu/kanade/tachiyomi/data/track/myanimelist/MyAnimeListApi.kt

@@ -22,6 +22,7 @@ import kotlinx.serialization.json.jsonArray
 import kotlinx.serialization.json.jsonObject
 import kotlinx.serialization.json.jsonPrimitive
 import okhttp3.FormBody
+import okhttp3.Headers
 import okhttp3.OkHttpClient
 import okhttp3.Request
 import okhttp3.RequestBody
@@ -256,13 +257,21 @@ class MyAnimeListApi(private val client: OkHttpClient, interceptor: MyAnimeListI
             .appendPath("my_list_status")
             .build()
 
-        fun refreshTokenRequest(refreshToken: String): Request {
+        fun refreshTokenRequest(oauth: OAuth): Request {
             val formBody: RequestBody = FormBody.Builder()
                 .add("client_id", clientId)
-                .add("refresh_token", refreshToken)
+                .add("refresh_token", oauth.refresh_token)
                 .add("grant_type", "refresh_token")
                 .build()
-            return POST("$baseOAuthUrl/token", body = formBody)
+
+            // Add the Authorization header manually as this particular
+            // request is called by the interceptor itself so it doesn't reach
+            // the part where the token is added automatically.
+            val headers = Headers.Builder()
+                .add("Authorization", "Bearer ${oauth.access_token}")
+                .build()
+
+            return POST("$baseOAuthUrl/token", body = formBody, headers = headers)
         }
 
         private fun getPkceChallengeCode(): String {

app/src/main/java/eu/kanade/tachiyomi/data/track/myanimelist/MyAnimeListInterceptor.kt

@@ -1,9 +1,11 @@
 package eu.kanade.tachiyomi.data.track.myanimelist
 
+import eu.kanade.tachiyomi.network.parseAs
 import kotlinx.serialization.decodeFromString
 import kotlinx.serialization.json.Json
 import okhttp3.Interceptor
 import okhttp3.Response
+import okhttp3.internal.closeQuietly
 import uy.kohesive.injekt.injectLazy
 import java.io.IOException
 
@@ -24,11 +26,22 @@ class MyAnimeListInterceptor(private val myanimelist: MyAnimeList, private var t
         }
         // Refresh access token if expired
         if (oauth != null && oauth!!.isExpired()) {
-            chain.proceed(MyAnimeListApi.refreshTokenRequest(oauth!!.refresh_token)).use {
-                if (it.isSuccessful) {
-                    setAuth(json.decodeFromString(it.body!!.string()))
+            val newOauth = runCatching {
+                val oauthResponse = chain.proceed(MyAnimeListApi.refreshTokenRequest(oauth!!))
+
+                if (oauthResponse.isSuccessful) {
+                    oauthResponse.parseAs<OAuth>()
+                } else {
+                    oauthResponse.closeQuietly()
+                    null
                 }
             }
+
+            if (newOauth.getOrNull() == null) {
+                throw IOException("Failed to refresh the access token")
+            }
+
+            setAuth(newOauth.getOrNull())
         }
         if (oauth == null) {
             throw IOException("No authentication token")