Fix issue where username/password are not encoded for basic auth (#4796)

cloudfoundry · Nov 26, 2020 · a01768a · a01768a
1 parent 132ccfd
commit a01768a
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/src/jetstream/authuaa.go b/src/jetstream/authuaa.go
@@ -367,7 +367,7 @@ func (p *portalProxy) getUAAToken(body url.Values, skipSSLValidation bool, clien
 		return nil, fmt.Errorf(msg, err)
 	}
 
-	req.SetBasicAuth(client, clientSecret)
+	req.SetBasicAuth(url.QueryEscape(client), url.QueryEscape(clientSecret))
 	req.Header.Set(echo.HeaderContentType, echo.MIMEApplicationForm)
 
 	var h = p.GetHttpClientForRequest(req, skipSSLValidation)

diff --git a/src/jetstream/plugins/metrics/main.go b/src/jetstream/plugins/metrics/main.go
@@ -226,7 +226,7 @@ func (m *MetricsSpecification) Connect(ec echo.Context, cnsiRecord interfaces.CN
 
 func (m *MetricsSpecification) addAuth(req *http.Request, auth *MetricsAuth) {
 	if auth.Type == interfaces.AuthConnectTypeCreds {
-		req.SetBasicAuth(auth.Username, auth.Password)
+		req.SetBasicAuth(url.QueryEscape(auth.Username), url.QueryEscape(auth.Password))
 	}
 }