Hi, I'm implementing an oidc client and I noticed that the client_secret is sent like this

# l.120 oidcrp.client_auth.py
credentials = "{}:{}".format(quote_plus(user), quote_plus(passwd))

But the server does not seem to decode the secret as it should and I got an invalid_client.

Is there a way to avoid the quote_plus in order to send the raw secret ?

Reference

• https://github.com/IdentityPython/idpy-oidc/blob/9964524/src/idpyoidc/client/client_auth.py#L125