From dd931c89a3eab7ed87ee19cf9032cbea1e38517d Mon Sep 17 00:00:00 2001
From: Mateusz Pietryga <pietryga.m@gmail.com>
Date: Thu, 18 Apr 2024 19:07:36 +0200
Subject: [PATCH] Fix: OAuth 2.0 Grant Type Authorization: "invalid_client"
 error / URL Encode of Client ID

#2115
#1003
---
 .../src/ipc/network/oauth2-helper.js           | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/packages/bruno-electron/src/ipc/network/oauth2-helper.js b/packages/bruno-electron/src/ipc/network/oauth2-helper.js
index 33b845e59c..216c3be975 100644
--- a/packages/bruno-electron/src/ipc/network/oauth2-helper.js
+++ b/packages/bruno-electron/src/ipc/network/oauth2-helper.js
@@ -51,26 +51,26 @@ const getOAuth2AuthorizationCode = (request, codeChallenge, collectionUid) => {
     const { oauth2 } = request;
     const { callbackUrl, clientId, authorizationUrl, scope, state, pkce } = oauth2;
 
-    let oauth2QueryParams =
-      (authorizationUrl.indexOf('?') > -1 ? '&' : '?') + `client_id=${clientId}&response_type=code`;
+    const authorizationUrlWithQueryParams = new URL(authorizationUrl);
+    authorizationUrlWithQueryParams.searchParams.append('response_type', 'code');
+    authorizationUrlWithQueryParams.searchParams.append('client_id', clientId);
     if (callbackUrl) {
-      oauth2QueryParams += `&redirect_uri=${callbackUrl}`;
+      authorizationUrlWithQueryParams.searchParams.append('redirect_uri', callbackUrl);
     }
     if (scope) {
-      oauth2QueryParams += `&scope=${scope}`;
+      authorizationUrlWithQueryParams.searchParams.append('scope', scope);
     }
     if (pkce) {
-      oauth2QueryParams += `&code_challenge=${codeChallenge}&code_challenge_method=S256`;
+      authorizationUrlWithQueryParams.searchParams.append('code_challenge', codeChallenge);
+      authorizationUrlWithQueryParams.searchParams.append('code_challenge_method', 'S256');
     }
     if (state) {
-      oauth2QueryParams += `&state=${state}`;
+      authorizationUrlWithQueryParams.searchParams.append('state', state);
     }
-
-    const authorizationUrlWithQueryParams = authorizationUrl + oauth2QueryParams;
     try {
       const oauth2Store = new Oauth2Store();
       const { authorizationCode } = await authorizeUserInWindow({
-        authorizeUrl: authorizationUrlWithQueryParams,
+        authorizeUrl: authorizationUrlWithQueryParams.toString(),
         callbackUrl,
         session: oauth2Store.getSessionIdOfCollection(collectionUid)
       });