Merge pull request #26 from IdentityPython/quote_plus_rm

Removed quote_plus from ClientSecretBasic credential creation.

Author: rohe

src/idpyoidc/client/client_auth.py

@@ -122,7 +122,7 @@ def _get_authentication_token(self, request, service, **kwargs):
         passwd = self._get_passwd(request, service, **kwargs)
         user = self._get_user(service, **kwargs)
 
-        credentials = "{}:{}".format(quote_plus(user), quote_plus(passwd))
+        credentials = f"{user}:{passwd}"
         return base64.urlsafe_b64encode(credentials.encode("utf-8")).decode("utf-8")
 
     @staticmethod
@@ -191,7 +191,7 @@ def construct(self, request, service=None, http_args=None, **kwargs):
 
         _token = self._get_authentication_token(request, service, **kwargs)
 
-        http_args["headers"]["Authorization"] = "Basic {}".format(_token)
+        http_args["headers"]["Authorization"] = f"Basic {_token}"
 
         self.modify_request(request, service)
 

tests/test_client_06_client_authn.py

@@ -81,7 +81,7 @@ def test_quote():
 
     assert (
             http_args["headers"]["Authorization"] == "Basic "
-                                                     "Nzk2ZDhmYWUtYTQyZi00ZTRmLWFiMjUtZDYyMDViNmQ0ZmEyOk1LRU0lMkZBN1BrbjdKdVUwTEFjeHlIVkt2d2RjenN1Z2FQVTBCaWVMYjRDYlFBZ1FqJTJCeXBjYW5GT0NiMCUyRkZBNWg="
+                                                     'Nzk2ZDhmYWUtYTQyZi00ZTRmLWFiMjUtZDYyMDViNmQ0ZmEyOk1LRU0vQTdQa243SnVVMExBY3h5SFZLdndkY3pzdWdhUFUwQmllTGI0Q2JRQWdRait5cGNhbkZPQ2IwL0ZBNWg='
     )
 
 
@@ -93,15 +93,10 @@ def test_construct(self, entity):
         csb = ClientSecretBasic()
         http_args = csb.construct(request, _service)
 
-        credentials = "{}:{}".format(quote_plus("A"), quote_plus("white boarding pass"))
-
-        assert http_args == {
-            "headers": {
-                "Authorization": "Basic {}".format(
-                    base64.urlsafe_b64encode(credentials.encode("utf-8")).decode("utf-8")
-                )
-            }
-        }
+        _authz = http_args["headers"]["Authorization"]
+        assert _authz.startswith("Basic ")
+        _token = _authz.split(" ",1)[1]
+        assert base64.urlsafe_b64decode(_token) == b'A:white boarding pass'
 
     def test_does_not_remove_padding(self):
         request = AccessTokenRequest(code="foo", redirect_uri="http://example.com")

tests/test_client_12_client_auth.py

@@ -61,7 +61,7 @@ def test_quote():
 
     assert (
         http_args["headers"]["Authorization"] == "Basic "
-        "Nzk2ZDhmYWUtYTQyZi00ZTRmLWFiMjUtZDYyMDViNmQ0ZmEyOk1LRU0lMkZBN1BrbjdKdVUwTEFjeHlIVkt2d2RjenN1Z2FQVTBCaWVMYjRDYlFBZ1FqJTJCeXBjYW5GT0NiMCUyRkZBNWg="
+                                                 'Nzk2ZDhmYWUtYTQyZi00ZTRmLWFiMjUtZDYyMDViNmQ0ZmEyOk1LRU0vQTdQa243SnVVMExBY3h5SFZLdndkY3pzdWdhUFUwQmllTGI0Q2JRQWdRait5cGNhbkZPQ2IwL0ZBNWg='
     )
 
 
@@ -73,7 +73,7 @@ def test_construct(self, entity):
         csb = ClientSecretBasic()
         http_args = csb.construct(request, _token_service)
 
-        credentials = "{}:{}".format(quote_plus("A"), quote_plus("white boarding pass"))
+        credentials = "{}:{}".format("A", "white boarding pass")
 
         assert http_args == {
             "headers": {

tests/test_client_25_cc_oauth2_service.py

@@ -40,7 +40,7 @@ def test_token_get_request(self):
         assert _info["url"] == "https://example.com/token"
         assert _info["body"] == "grant_type=client_credentials"
         assert _info["headers"] == {
-            "Authorization": "Basic Y2xpZW50X2lkOmFub3RoZXIrcGFzc3dvcmQ=",
+            "Authorization": "Basic Y2xpZW50X2lkOmFub3RoZXIgcGFzc3dvcmQ=",
             "Content-Type": "application/x-www-form-urlencoded",
         }