fix: do not URI-encode Basic Auth header contents

packages/api/src/utils/client/httpClient.ts

@@ -146,8 +146,8 @@ export class HttpClient implements IHttpClient {
       // Extract the username and password, if any
       if (url.username !== "" || url.password != "") {
         urlOpts.extraHeaders = {
-        // eslint-disable-next-line @typescript-eslint/naming-convention
-          Authorization: `Basic ${toBase64(`${url.username}:${url.password}`)}`,
+          // eslint-disable-next-line @typescript-eslint/naming-convention
+          Authorization: `Basic ${toBase64(decodeURIComponent(`${url.username}:${url.password}`))}`,
           ...urlOpts.extraHeaders,
         };
         url.username = "";

packages/api/test/unit/client/httpClientOptions.test.ts

@@ -1,11 +1,13 @@
 import {expect} from "chai";
+import {toBase64} from "@lodestar/utils";
 import {HttpClient} from "../../../src/index.js";
 
 describe("HTTPClient options", () => {
   const baseUrl1 = "http://url-1/";
   const baseUrl2 = "http://url-2/";
   const baseUrl1BasicAuth = "http://username:password@url-1/";
   const baseUrl2BasicAuth = "http://username:password@url-2/";
+  const baseUrl2BasicAuthEncoded = "http://username=:password@url-2/";
   const bearerToken1 = "token-1";
   const bearerToken2 = "token-2";
 
@@ -156,6 +158,19 @@ describe("HTTPClient options", () => {
     ]);
   });
 
+  it("Basic Auth should not be URI-encoded", () => {
+    const httpClient = new HttpClient({
+      urls: [baseUrl2BasicAuthEncoded],
+    });
+    expect(httpClient["urlsOpts"]).deep.equals([
+      {
+        baseUrl: baseUrl2,
+        // eslint-disable-next-line @typescript-eslint/naming-convention
+        extraHeaders: {Authorization: `Basic ${toBase64("username=:password")}`},
+      },
+    ]);
+  });
+
   it("Throw if empty baseUrl", () => {
     expect(() => new HttpClient({baseUrl: ""})).to.throw(Error);
   });