Browse Source

use the same encoding as on client side

see OIDCAuthenticationFilter line 336
pull/1079/merge
ngriesser 8 years ago committed by Justin Richer
parent
commit
f45a6ef56a
  1. 2
      openid-connect-common/src/main/java/org/mitre/oauth2/service/impl/UriEncodedClientUserDetailsService.java

2
openid-connect-common/src/main/java/org/mitre/oauth2/service/impl/UriEncodedClientUserDetailsService.java

@ -68,7 +68,7 @@ public class UriEncodedClientUserDetailsService implements UserDetailsService {
if (client != null) {
String encodedPassword = UriUtils.encodeQueryParam(Strings.nullToEmpty(client.getClientSecret()), "UTF-8");
String encodedPassword = UriUtils.encodePathSegment(Strings.nullToEmpty(client.getClientSecret()), "UTF-8");
if (config.isHeartMode() || // if we're running HEART mode turn off all client secrets
(client.getTokenEndpointAuthMethod() != null &&

Loading…
Cancel
Save