use the same encoding as on client side

see OIDCAuthenticationFilter line 336
2016-09-21 15:57:40 +02:00 · 2016-09-21 15:57:40 +02:00 · f45a6ef56a
parent 476ec872ff
commit f45a6ef56a
1 changed files with 1 additions and 1 deletions
--- a/openid-connect-common/src/main/java/org/mitre/oauth2/service/impl/UriEncodedClientUserDetailsService.java
+++ b/openid-connect-common/src/main/java/org/mitre/oauth2/service/impl/UriEncodedClientUserDetailsService.java
@ -68,7 +68,7 @@ public class UriEncodedClientUserDetailsService implements UserDetailsService {
 			if (client != null) {
-				String encodedPassword = UriUtils.encodeQueryParam(Strings.nullToEmpty(client.getClientSecret()), "UTF-8");
+				String encodedPassword = UriUtils.encodePathSegment(Strings.nullToEmpty(client.getClientSecret()), "UTF-8");
 				if (config.isHeartMode() || // if we're running HEART mode turn off all client secrets
 						(client.getTokenEndpointAuthMethod() != null &&