fix(prism-agent): perform percent encoding on auth header for token i…

…ntrospection request (#780) Signed-off-by: Pat Losoponkul <[email protected]>
hyperledger · Nov 9, 2023 · 03d43c9 · 03d43c9
1 parent f2e74cd
commit 03d43c9
Showing 1 changed file with 6 additions and 1 deletion.
diff --git a/.../service/server/src/main/scala/io/iohk/atala/iam/authentication/oidc/KeycloakClient.scala b/.../service/server/src/main/scala/io/iohk/atala/iam/authentication/oidc/KeycloakClient.scala
@@ -7,6 +7,8 @@ import zio.*
 import zio.http.*
 import zio.json.*
 
+import java.net.URLEncoder
+import java.nio.charset.StandardCharsets
 import scala.jdk.CollectionConverters.*
 
 final case class TokenIntrospection(active: Boolean, sub: Option[String])
@@ -61,7 +63,10 @@ class KeycloakClientImpl(client: AuthzClient, httpClient: Client, keycloakConfig
           url = introspectionUrl,
           method = Method.POST,
           headers = baseFormHeaders ++ Headers(
-            Header.Authorization.Basic(keycloakConfig.clientId, keycloakConfig.clientSecret)
+            Header.Authorization.Basic(
+              username = URLEncoder.encode(keycloakConfig.clientId, StandardCharsets.UTF_8),
+              password = URLEncoder.encode(keycloakConfig.clientSecret, StandardCharsets.UTF_8)
+            )
           ),
           content = Body.fromURLEncodedForm(
             Form(