Fix DPoP special char case (#1528)

* Fix DPoP when path contains special chars (#1526) - Still does not work for ;/\ chars * removed unnecessary unit test --------- Co-authored-by: Clément Denis <clement.denis@gmail.com>
okta · Jul 24, 2024 · 7a5277f · 7a5277f
1 parent 1a05092
commit 7a5277f
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 5 deletions.
diff --git a/api/pom.xml b/api/pom.xml
@@ -36,7 +36,7 @@
     <properties>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
         <swagger-annotations.version>1.6.8</swagger-annotations.version>
-        <openapi-generator.version>7.5.0</openapi-generator.version>
+        <openapi-generator.version>7.7.0</openapi-generator.version>
         <jackson-databind-nullable.version>0.2.6</jackson-databind-nullable.version>
         <jakarta-annotation.version>2.1.1</jakarta-annotation.version>
         <jsr305.version>3.0.2</jsr305.version>

diff --git a/impl/src/main/java/com/okta/sdk/impl/oauth2/DPoPInterceptor.java b/impl/src/main/java/com/okta/sdk/impl/oauth2/DPoPInterceptor.java
@@ -34,8 +34,6 @@
 import org.slf4j.LoggerFactory;
 
 import java.io.IOException;
-import java.io.UnsupportedEncodingException;
-import java.net.URISyntaxException;
 import java.net.URLDecoder;
 import java.nio.charset.StandardCharsets;
 import java.security.MessageDigest;
@@ -130,8 +128,13 @@ private void processRequest(HttpRequest request, boolean tokenRequest) {
 
     private String getUriWithoutQueryString(HttpRequest request) {
         try {
-            return URLDecoder.decode(StringUtils.substringBefore(request.getUri().toString(), "?"), StandardCharsets.UTF_8.name());
-        } catch (URISyntaxException | UnsupportedEncodingException e) {
+            String urlWithoutQueryString = StringUtils.substringBefore(request.getUri().toString(), "?");
+            return URLDecoder.decode(urlWithoutQueryString, StandardCharsets.UTF_8.name())
+                .replace("%", "%25") //must be replaced first
+                .replace(" ", "%20")
+                .replace("\"", "%22")
+                .replace("#", "%23");
+        } catch (Exception e) {
             throw new RuntimeException(e);
         }
     }