use %20 instead of + as encoded space

Author: nov

VERSION

@@ -1 +1 @@
-1.10.1
+1.10.1

lib/rack/oauth2/util.rb

@@ -35,11 +35,12 @@ def parse_uri(uri)
 
         def redirect_uri(base_uri, location, params)
           redirect_uri = parse_uri base_uri
+          encoded_response_params = Util.compact_hash(params).to_query.gsub('+', '%20')
           case location
           when :query
-            redirect_uri.query = [redirect_uri.query, Util.compact_hash(params).to_query].compact.join('&')
+            redirect_uri.query = [redirect_uri.query, encoded_response_params].compact.join('&')
           when :fragment
-            redirect_uri.fragment = Util.compact_hash(params).to_query
+            redirect_uri.fragment = encoded_response_params
           end
           redirect_uri.to_s
         end
@@ -59,4 +60,4 @@ def uri_match?(base, given)
       end
     end
   end
-end
+end

spec/rack/oauth2/client_spec.rb

@@ -49,12 +49,12 @@
 
     context 'when response_type is an Array' do
       subject { client.authorization_uri(response_type: [:token, :code]) }
-      it { should include 'response_type=token+code' }
+      it { should include 'response_type=token%20code' }
     end
 
     context 'when scope is given' do
       subject { client.authorization_uri(scope: [:scope1, :scope2]) }
-      it { should include 'scope=scope1+scope2' }
+      it { should include 'scope=scope1%20scope2' }
     end
   end
 

spec/rack/oauth2/server/authorize/code_spec.rb

@@ -51,7 +51,7 @@
         error: :access_denied,
         error_description: Rack::OAuth2::Server::Authorize::ErrorMethods::DEFAULT_DESCRIPTION[:access_denied]
       }
-      response.location.should == "#{redirect_uri}?#{error_message.to_query}&state=state"
+      response.location.should == "#{redirect_uri}?#{error_message.to_query.gsub('+', '%20')}&state=state"
     end
   end
 end

spec/rack/oauth2/server/authorize/extensions/code_and_token_spec.rb

@@ -54,7 +54,7 @@
         error: :access_denied,
         error_description: Rack::OAuth2::Server::Authorize::ErrorMethods::DEFAULT_DESCRIPTION[:access_denied]
       }
-      response.location.should == "#{redirect_uri}##{error_message.to_query}"
+      response.location.should == "#{redirect_uri}##{error_message.to_query.gsub('+', '%20')}"
     end
   end
 end

spec/rack/oauth2/server/authorize/token_spec.rb

@@ -67,7 +67,7 @@
         error: :access_denied,
         error_description: Rack::OAuth2::Server::Authorize::ErrorMethods::DEFAULT_DESCRIPTION[:access_denied]
       }
-      response.location.should == "#{redirect_uri}##{error_message.to_query}&state=state"
+      response.location.should == "#{redirect_uri}##{error_message.to_query.gsub('+', '%20')}&state=state"
     end
   end
 end