user:pwd is missing Base64 encoding in RemoteClientSecretTokenProvider

[GGerrits]

When using RemoteSecrets, the user:pwd is not base64 encoded.

"Authentication": { "RemoteSecrets": { "BasicAuth": { "ClientSecret": "Decrypt:...", "HeaderKey": "Basic" } },

I tried with and without encoding for calls from LGS to MailSender. Only with base64 encoding would work.

The fix (to be done in Arc4u.Standard.OAuth2.AspNetCore/TokenProvider/RemoteClientSecretTokenprovider):

var clientSecret = settings.Values[TokenKeys.ClientSecret];
clientSecret = Convert.ToBase64String(Encoding.UTF8.GetBytes(clientSecret));
return Task.FromResult(new TokenInfo(settings.Values[TokenKeys.ClientSecretHeader], clientSecret, DateTime.UtcNow + TimeSpan.FromHours(1)));

[vvdb-architecture]

The behavior is as-designed: the TokenKeys.ClientSecret is supposed to contain the Base64 encoding already.

[GFlisch]

Implementation:
Change the RemoteTokenProvider:

• Check the decrypted ClientSecret is in clear text or not!
• If not do Base64 and send it.
• Otherwise send it like that.

Will be released with the 8.2.0 version of the framework.

[GFlisch]

Hi @GGerrits .

Is it ok now?

[GFlisch]

So the expected sequence in Arc4u TokenProvider is

Try read from Base64
if failt to base 64 RemoteClientSecretTokenProvider