diff --git a/src/idpyoidc/server/client_authn.py b/src/idpyoidc/server/client_authn.py
index c2603d0f..1c62b556 100755
--- a/src/idpyoidc/server/client_authn.py
+++ b/src/idpyoidc/server/client_authn.py
@@ -104,12 +104,12 @@ def basic_authn(authorization_token: str):
 _tok = as_bytes(authorization_token[6:])
 # Will raise ValueError type exception if not base64 encoded
 _tok = base64.b64decode(_tok)
- part = [unquote_plus(p) for p in as_unicode(_tok).split(":")]
- if len(part) == 2:
- return dict(zip(["id", "secret"], part))
- else:
+ part = as_unicode(_tok).split(":", 1)
+ if len(part) != 2:
 raise ValueError("Illegal token")
+ return dict(zip(["id", "secret"], part))
+
 class NoneAuthn(ClientAuthnMethod):
 """
diff --git a/tests/test_server_17_client_authn.py b/tests/test_server_17_client_authn.py
index 07441300..4575ecd8 100644
--- a/tests/test_server_17_client_authn.py
+++ b/tests/test_server_17_client_authn.py
@@ -459,11 +459,6 @@ def test_basic_auth_wrong_label():
 def test_basic_auth_wrong_token():
- _token = "{}:{}:foo".format(client_id, client_secret)
- token = as_unicode(base64.b64encode(as_bytes(_token)))
- with pytest.raises(ValueError):
- basic_authn("Basic {}".format(token))
-
 _token = "{}:{}".format(client_id, client_secret)
 with pytest.raises(ValueError):
 basic_authn("Basic {}".format(_token))
diff --git a/tests/test_server_20d_client_authn.py b/tests/test_server_20d_client_authn.py
index 38dd29b2..e81d26dd 100755
--- a/tests/test_server_20d_client_authn.py
+++ b/tests/test_server_20d_client_authn.py
@@ -413,11 +413,6 @@ def test_basic_auth_wrong_label():
 def test_basic_auth_wrong_token():
- _token = "{}:{}:foo".format(client_id, client_secret)
- token = as_unicode(base64.b64encode(as_bytes(_token)))
- with pytest.raises(ValueError):
- basic_authn("Basic {}".format(token))
-
 _token = "{}:{}".format(client_id, client_secret)
 with pytest.raises(ValueError):
 basic_authn("Basic {}".format(_token))
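Review bot: Dropping `unquote_plus` means `basic_authn` no longer form-decodes the two halves of the Basic credential, so a client that percent-encodes its id and secret as RFC 6749 section 2.3.1 describes will presumably stop matching the registered values whenever either one contains a reserved character. The switch to `split(":", 1)` fixes the colon-in-secret case on its own, so if decoding is still wanted it can stay on the bounded split: `part = [unquote_plus(p) for p in as_unicode(_tok).split(":", 1)]` (the file's imports are outside the hunk, so confirm `unquote_plus` is still in scope). If taking the credentials verbatim is deliberate, a short comment above the split saying so would keep a later maintainer from restoring the decode. The two test files only lose the three-part negative case; a positive test asserting that an `id:secret:foo` token now returns the secret with `:foo` appended would pin the new behaviour. The start of `basic_authn` is outside the hunk.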