From 8237aa5b84bcb4cbc3bb857f58d94590e2fbbeb3 Mon Sep 17 00:00:00 2001
From: James Collier <james.collier@vib.be>
Date: Mon, 11 May 2020 13:04:24 +0200
Subject: [PATCH] RFC 3986 encode parameters in authentication URL

---
 includes/openid-connect-generic-client.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/includes/openid-connect-generic-client.php b/includes/openid-connect-generic-client.php
index e3e58f8..9b547a0 100644
--- a/includes/openid-connect-generic-client.php
+++ b/includes/openid-connect-generic-client.php
@@ -55,10 +55,10 @@ class OpenID_Connect_Generic_Client {
 		$url = sprintf( '%1$s%2$sresponse_type=code&scope=%3$s&client_id=%4$s&state=%5$s&redirect_uri=%6$s',
 			$this->endpoint_login,
 			$separator,
-			urlencode( $this->scope ),
-			urlencode( $this->client_id ),
+			rawurlencode( $this->scope ),
+			rawurlencode( $this->client_id ),
 			$this->new_state(),
-			urlencode( $this->redirect_uri )
+			rawurlencode( $this->redirect_uri )
 		);
 
 		$this->logger->log( apply_filters( 'openid-connect-generic-auth-url', $url ), 'make_authentication_url' );