fix encode_client_secret_basic to match rfc6749

added url encoding of client_id and client_secret in encode_client_secret_basic per RFC 6749: https://datatracker.ietf.org/doc/html/rfc6749#section-2.3.1
lepture · Nov 16, 2023 · d2d1f49 · d2d1f49
1 parent eea8c61
commit d2d1f49
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/authlib/oauth2/auth.py b/authlib/oauth2/auth.py
@@ -1,12 +1,13 @@
 import base64
+from urllib.parse import quote
 from authlib.common.urls import add_params_to_qs, add_params_to_uri
 from authlib.common.encoding import to_bytes, to_native
 from .rfc6749 import OAuth2Token
 from .rfc6750 import add_bearer_token
 
 
 def encode_client_secret_basic(client, method, uri, headers, body):
-    text = f'{client.client_id}:{client.client_secret}'
+    text = f'{quote(client.client_id)}:{quote(client.client_secret)}'
     auth = to_native(base64.b64encode(to_bytes(text, 'latin1')))
     headers['Authorization'] = f'Basic {auth}'
     return uri, headers, body