Skip to content

fix: use urlencode for OAuth authorize URL parameters#1636

Open
hobostay wants to merge 1 commit into
eigent-ai:mainfrom
hobostay:fix/oauth-url-encoding
Open

fix: use urlencode for OAuth authorize URL parameters#1636
hobostay wants to merge 1 commit into
eigent-ai:mainfrom
hobostay:fix/oauth-url-encoding

Conversation

@hobostay
Copy link
Copy Markdown

@hobostay hobostay commented May 14, 2026

Summary

  • Replace f-string URL construction with urlencode() in Slack, Notion, X (Twitter), and Google OAuth adapters (server/app/core/oauth_adapter.py)
  • Parameters like redirect_uri, scope, and state could contain special characters (spaces, ampersands, Unicode) that would break the URL when interpolated directly
  • LinkedIn adapter was already using urlencode correctly — this brings the other adapters in line
  • X adapter's manual self.scope.replace(' ', '%20') is now handled properly by urlencode

Test plan

  • Verify OAuth login flows still work for Slack, Notion, X, Google, and LinkedIn
  • Test with redirect URIs containing special characters
  • Verify scope strings with spaces are properly encoded

🤖 Generated with Claude Code

@claude
fix: use urlencode for OAuth authorize URL parameters
df43f26 
OAuth authorize URLs in Slack, Notion, X, and Google adapters were
constructed via f-string interpolation, leaving parameters like
redirect_uri, scope, and state vulnerable to breakage with special
characters (spaces, ampersands, etc). LinkedIn already used urlencode.
Switch all adapters to use urlencode for proper URL encoding.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@hobostay