search

ordercloud-api / OrderCloud-Angular-SDK

Angular wrapper for OrderCloud-Javascript-SDK
MIT License
1 stars 3 forks source link

"&" in user pw needs encoding on Auth #7

Open mirandadanielson opened 6 years ago

mirandadanielson commented 6 years ago

the only character I've tested with is &.

steps to recreate:

  1. create a user with PW ending in &
  2. attempt to auth with OrderCloudSDK.Auth.Login(username, "test&", clientid, scope)
  3. observe request body in console grant_type:password scope:FullAccess client_id: XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXXX username: USERNAME password: test (empty)

alternate recreation:

  1. create a user with a & in the middle of the PW
  2. attempt to auth with OrderCloudSDK.Auth.Login(username, "test&123", clientid, scope)
  3. observe request body in console grant_type:password scope:FullAccess client_id: XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXXX username: USERNAME password: test 123: