1 files changed, 23 insertions, 1 deletions

diff --git a/src/zenhttp/auth/oidc.cpp b/src/zenhttp/auth/oidc.cpp
index 38e7586ad..23bbc17e8 100644
--- a/src/zenhttp/auth/oidc.cpp
+++ b/src/zenhttp/auth/oidc.cpp
@@ -32,6 +32,25 @@ namespace details {
 
 using namespace std::literals;
 
+static std::string
+FormUrlEncode(std::string_view Input)
+{
+	std::string Result;
+	Result.reserve(Input.size());
+	for (char C : Input)
+	{
+		if ((C >= 'A' && C <= 'Z') || (C >= 'a' && C <= 'z') || (C >= '0' && C <= '9') || C == '-' || C == '_' || C == '.' || C == '~')
+		{
+			Result.push_back(C);
+		}
+		else
+		{
+			Result.append(fmt::format("%{:02X}", static_cast<uint8_t>(C)));
+		}
+	}
+	return Result;
+}
+
 OidcClient::OidcClient(const OidcClient::Options& Options)
 {
 	m_BaseUrl  = std::string(Options.BaseUrl);
@@ -67,6 +86,8 @@ OidcClient::Initialize()
 				.TokenEndpoint					   = Json["token_endpoint"].string_value(),
 				.UserInfoEndpoint				   = Json["userinfo_endpoint"].string_value(),
 				.RegistrationEndpoint			   = Json["registration_endpoint"].string_value(),
+				.EndSessionEndpoint				   = Json["end_session_endpoint"].string_value(),
+				.DeviceAuthorizationEndpoint	   = Json["device_authorization_endpoint"].string_value(),
 				.JwksUri						   = Json["jwks_uri"].string_value(),
 				.SupportedResponseTypes			   = details::ToStringArray(Json["response_types_supported"]),
 				.SupportedResponseModes			   = details::ToStringArray(Json["response_modes_supported"]),
@@ -81,7 +102,8 @@ OidcClient::Initialize()
 OidcClient::RefreshTokenResult
 OidcClient::RefreshToken(std::string_view RefreshToken)
 {
-	const std::string Body = fmt::format("grant_type=refresh_token&refresh_token={}&client_id={}", RefreshToken, m_ClientId);
+	const std::string Body =
+		fmt::format("grant_type=refresh_token&refresh_token={}&client_id={}", FormUrlEncode(RefreshToken), FormUrlEncode(m_ClientId));
 
 	HttpClient Http{m_Config.TokenEndpoint};