Fixed special characters that were not allowed in API keys

orthanc-team · Sep 4, 2024 · 2891f9f · 2891f9f
1 parent dceb554
commit 2891f9f
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 4 deletions.
diff --git a/release-notes.md b/release-notes.md
@@ -7,7 +7,8 @@ SPDX-License-Identifier: GPL-3.0-or-later
 Pending changes
 ===============
 
-- fixed typo in `KEYCLOAK_ADMIN_URI` that was not read correctly.
+- Fixed typo in `KEYCLOAK_ADMIN_URI` that was not read correctly.
+- Fixed special characters that were not allowed in API keys.
 
 
 v 24.7.2

diff --git a/sources/orthanc_auth_service/shares/keycloak_admin.py b/sources/orthanc_auth_service/shares/keycloak_admin.py
@@ -13,8 +13,7 @@
 from .utils.utils import get_secret_or_die, is_secret_defined
 from .roles_configuration import RolesConfiguration
 import requests
-from urllib.parse import urljoin
-
+from urllib.parse import urljoin, urlencode
 
 class KeycloakAdmin:
 
@@ -38,7 +37,10 @@ def _get_keycloak_access_token(self) -> str:
         return access_token
 
     def get_user_profile_from_api_key(self, api_key: str) -> Optional[UserProfileResponse]:
-        keycloak_users_url = urljoin(self._keycloak_admin_uri, f"users?q=api-key:{api_key}")
+        query = {
+            "q": f"api-key:{api_key}"
+        }
+        keycloak_users_url = urljoin(self._keycloak_admin_uri, f"users?{urlencode(query)}")
         headers = {
             'Authorization': 'Bearer ' + self._get_keycloak_access_token(),
             'Content-Type': 'application/json'