Closed Prilkop closed 9 months ago
Added url encoding of client_id and client_secret in encode_client_secret_basic per RFC 6749: https://datatracker.ietf.org/doc/html/rfc6749#section-2.3.1
This fixes the unsupported situation where there is a colon character in the client_id or in the client_secret.
DO NOT SEND ANY SECURITY FIX HERE. Please read "Security Reporting" section on README.
What kind of change does this PR introduce? (check at least one)
@Prilkop reverted, it caused too many bugs.
You can quote your client_id and client_secret at first in your own code.
quote
Added url encoding of client_id and client_secret in encode_client_secret_basic per RFC 6749: https://datatracker.ietf.org/doc/html/rfc6749#section-2.3.1
This fixes the unsupported situation where there is a colon character in the client_id or in the client_secret.
What kind of change does this PR introduce? (check at least one)