URL Encoding in ClientSecretBasic

Issue #239 invalid
Former user created an issue

The method toHTTPAuthorizationHeader() in the class ClientSecretBasic doesn't need to url encode the client id and secret. If a secret has a char like '/' which would be url encoded in "%2F", the authorization header would have the wrong value.

Comments (1)

  1. Log in to comment