From b871537d7194a370ddb0655d2e6e5e81d3e66a66 Mon Sep 17 00:00:00 2001
From: Alex Bourlier <alex@startinblox.com>
Date: Mon, 17 Jul 2023 18:15:48 +0100
Subject: [PATCH] fix: django and djangoldp-account are not encoding some
 reserved URL caracters the exact same way, ex: 'i' could become '%2c' or
 '%2C'. This fix works around this issue

---
 djangoldp_account/auth/solid.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/djangoldp_account/auth/solid.py b/djangoldp_account/auth/solid.py
index 0ba29df..b820c1a 100644
--- a/djangoldp_account/auth/solid.py
+++ b/djangoldp_account/auth/solid.py
@@ -1,6 +1,6 @@
 import time
 import uuid
-from urllib.parse import urlparse
+from urllib.parse import urlparse, unquote
 
 from django.http import Http404
 from django.core.exceptions import ObjectDoesNotExist
@@ -25,7 +25,7 @@ class Solid(object):
         request_url = urlparse(request.build_absolute_uri())
 
         # reject if the htu does not match the protocol, origin and path of the request
-        if htu.scheme != request_url.scheme or htu.hostname != request_url.hostname or htu.path != request_url.path:
+        if htu.scheme != request_url.scheme or htu.hostname != request_url.hostname or unquote(htu.path) != unquote(request_url.path):
             raise LDPLoginError('htu_claim_not_matching_request')
 
     @classonlymethod
-- 
GitLab