[PR #11472/c41de53d backport][stable-12] keycloak: URL-encode query parameters for usernames with special characters (#11474)

keycloak: URL-encode query parameters for usernames with special characters (#11472) * fix(keycloak): URL-encode query params for usernames with special chars get_user_by_username() concatenates the username directly into the URL query string. When the username contains a +, it is interpreted as a space by the server, returning no match and causing a TypeError. Use urllib.parse.quote() (already imported) for the username parameter. Also replace three fragile .replace(' ', '%20') calls in the authz search methods with proper quote() calls. Fixes #10305 * Update changelogs/fragments/keycloak-url-encode-query-params.yml --------- (cherry picked from commit c41de53dbb) Co-authored-by: Ivan Kokalovic <67540157+koke1997@users.noreply.github.com> Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
2026-03-22 05:09:12 +00:00 · 2026-02-06 20:36:02 +01:00 · 2026-02-06 20:36:02 +01:00 · d637db7623
commit d637db7623
parent 2198588afa
3 changed files with 67 additions and 4 deletions
--- a/changelogs/fragments/keycloak-url-encode-query-params.yml
+++ b/changelogs/fragments/keycloak-url-encode-query-params.yml
@ -0,0 +1,7 @@
+bugfixes:
+  - keycloak module utils - fix ``TypeError`` crash when managing users whose username
+    or email contains special characters such as ``+``
+    (https://github.com/ansible-collections/community.general/issues/10305, https://github.com/ansible-collections/community.general/pull/11472).
+  - keycloak module utils - use proper URL encoding (``urllib.parse.quote``) for query
+    parameters in authorization permission name searches, replacing fragile
+    manual space replacement (https://github.com/ansible-collections/community.general/pull/11472).