ACP2E-2969: REST API unable to make requests with slash (/) in SKU when using Oauth1

Author: aplapana

app/code/Magento/Integration/Test/Unit/Oauth/OauthTest.php

@@ -55,7 +55,7 @@ class OauthTest extends TestCase
     /** @var \Magento\Framework\Oauth\Oauth */
     private $_oauth;
 
-    /** @var  \Zend_Oauth_Http_Utility */
+    /** @var  Utility */
     private $utility;
 
     /** @var DateTime */
@@ -160,9 +160,7 @@ protected function setUp(): void
         $this->_oauthHelperMock = $this->getMockBuilder(Oauth::class)
             ->setConstructorArgs([new Random()])
             ->getMock();
-        $this->utility = $this->getMockBuilder(Utility::class)
-            ->onlyMethods(['sign'])
-            ->getMock();
+        $this->utility = $this->createMock(Utility::class);
         $this->_dateMock = $this->getMockBuilder(DateTime::class)
             ->disableOriginalConstructor()
             ->getMock();
@@ -791,7 +789,13 @@ public function testValidateAccessToken()
     public function testBuildAuthorizationHeader()
     {
         $signature = 'valid_signature';
-        $this->utility->expects($this->any())->method('sign')->willReturn($signature);
+        $this->utility->expects($this->once())->method('sign')->willReturn($signature);
+        $this->utility->expects($this->once())
+            ->method('toAuthorizationHeader')
+            ->willReturn('OAuth oauth_nonce="tyukmnjhgfdcvxstyuioplkmnhtfvert",oauth_timestamp="1657789046",' .
+            'oauth_version="1.0",oauth_consumer_key="edf957ef88492f0a32eb7e1731e85da2",' .
+            'oauth_consumer_secret="asdawwewefrtyh2f0a32eb7e1731e85d",oauth_token="7c0709f789e1f38a17aa4b9a28e1b06c",' .
+            'oauth_token_secret="a6agsfrsfgsrjjjjyy487939244ssggg",oauth_signature="valid_signature"');
 
         $this->_setupConsumer(false);
         $this->_oauthHelperMock->expects(

lib/internal/Magento/Framework/Oauth/Helper/Utility.php

@@ -43,6 +43,29 @@ public function sign(
         return base64_encode($binaryHash);
     }
 
+    /**
+     * Cast to authorization header
+     *
+     * @param array $params
+     * @param bool $excludeCustomParams
+     * @return string
+     */
+    public function toAuthorizationHeader(array $params, bool $excludeCustomParams = true): string
+    {
+        $headerValue = [];
+        foreach ($params as $key => $value) {
+            if ($excludeCustomParams) {
+                if (! preg_match("/^oauth_/", $key)) {
+                    continue;
+                }
+            }
+            $headerValue[] = $this->urlEncode((string)$key)
+                . '="'
+                . $this->urlEncode((string)$value) . '"';
+        }
+        return 'OAuth ' . implode(",", $headerValue);
+    }
+
     /**
      * Assemble key from consumer and token secrets
      *

lib/internal/Magento/Framework/Oauth/Oauth.php

@@ -162,10 +162,8 @@ public function buildAuthorizationHeader(
             $httpMethod,
             $requestUrl
         );
-        $authorizationHeader = $this->hmacSignatureHelper->toAuthorizationHeader($headerParameters);
-        // toAuthorizationHeader adds an optional realm="" which is not required for now.
-        // http://tools.ietf.org/html/rfc2617#section-1.2
-        return str_replace('realm="",', '', $authorizationHeader);
+
+        return $this->hmacSignatureHelper->toAuthorizationHeader($headerParameters);
     }
 
     /**