From 7b4e7d3e62531f713106c87b1b33ea1f9aba35de Mon Sep 17 00:00:00 2001
From: Neil MacDougall <neil.macdougall@suse.com>
Date: Tue, 24 Nov 2020 14:47:12 +0000
Subject: [PATCH] Fix issue where username/password are not encoded for basic
 auth

---
 src/jetstream/authuaa.go              | 2 +-
 src/jetstream/plugins/metrics/main.go | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/jetstream/authuaa.go b/src/jetstream/authuaa.go
index a0775beb53..25f13677f6 100644
--- a/src/jetstream/authuaa.go
+++ b/src/jetstream/authuaa.go
@@ -367,7 +367,7 @@ func (p *portalProxy) getUAAToken(body url.Values, skipSSLValidation bool, clien
 		return nil, fmt.Errorf(msg, err)
 	}
 
-	req.SetBasicAuth(client, clientSecret)
+	req.SetBasicAuth(url.QueryEscape(client), url.QueryEscape(clientSecret))
 	req.Header.Set(echo.HeaderContentType, echo.MIMEApplicationForm)
 
 	var h = p.GetHttpClientForRequest(req, skipSSLValidation)
diff --git a/src/jetstream/plugins/metrics/main.go b/src/jetstream/plugins/metrics/main.go
index d6ad0d7a29..41ab846393 100644
--- a/src/jetstream/plugins/metrics/main.go
+++ b/src/jetstream/plugins/metrics/main.go
@@ -226,7 +226,7 @@ func (m *MetricsSpecification) Connect(ec echo.Context, cnsiRecord interfaces.CN
 
 func (m *MetricsSpecification) addAuth(req *http.Request, auth *MetricsAuth) {
 	if auth.Type == interfaces.AuthConnectTypeCreds {
-		req.SetBasicAuth(auth.Username, auth.Password)
+		req.SetBasicAuth(url.QueryEscape(auth.Username), url.QueryEscape(auth.Password))
 	}
 }