docusign · emilford · Jul 30, 2020 · Jul 30, 2020
diff --git a/.rspec b/.rspec
@@ -1,3 +1 @@
 --color
---require spec_helper
---debuger
diff --git a/docusign_esign.gemspec b/docusign_esign.gemspec
@@ -29,6 +29,7 @@ Gem::Specification.new do |s|
   s.add_runtime_dependency 'jwt', '~> 2.2', '>= 2.2.1'
   s.add_runtime_dependency 'typhoeus', '~> 1.0', '>= 1.0.1'
   s.add_runtime_dependency 'json', '~> 2.1', '>= 2.1.0'
+  s.add_runtime_dependency 'addressable', '~> 2.7', '>= 2.7.0'
 
   s.add_development_dependency 'rspec-mocks', '~> 3.8', '>= 3.8.0'
   s.add_development_dependency 'rspec-expectations', '~> 3.8', '>= 3.8.0'

diff --git a/lib/docusign_esign/client/api_client.rb b/lib/docusign_esign/client/api_client.rb
@@ -9,6 +9,7 @@
 
 =end
 
+require 'addressable'
 require 'date'
 require 'json'
 require 'logger'
@@ -259,8 +260,8 @@ def sanitize_filename(filename)
     def build_request_url(path, opts)
       # Add leading and trailing slashes to path
       path = "/#{path}".gsub(/\/+/, '/')
-      return URI.encode("https://" + self.get_oauth_base_path + path) if opts[:oauth]
-      URI.encode(@config.base_url + path)
+      return Addressable::URI.escape("https://" + self.get_oauth_base_path + path) if opts[:oauth]
+      Addressable::URI.escape(@config.base_url + path)
     end
 
     # Builds the HTTP request body

diff --git a/lib/docusign_esign/configuration.rb b/lib/docusign_esign/configuration.rb
@@ -10,7 +10,7 @@
 
 =end
 
-require 'uri'
+require 'addressable'
 
 module DocuSign_eSign
   class Configuration
@@ -169,7 +169,7 @@ def base_path=(base_path)
 
     def base_url
       url = "#{scheme}://#{[host, base_path].join('/').gsub(/\/+/, '/')}".sub(/\/+\z/, '')
-      URI.encode(url)
+      Addressable::URI.escape(url)
     end
 
     # Gets API key (with prefix if set).
@@ -200,4 +200,4 @@ def auth_settings
       }
     end
   end
-end
+end
diff --git a/spec/lib/docusign_esign/client/api_client_spec.rb b/spec/lib/docusign_esign/client/api_client_spec.rb
@@ -0,0 +1,46 @@
+require "docusign_esign"
+require "docusign_esign/client/api_client"
+
+RSpec.describe DocuSign_eSign::ApiClient do
+  describe "#build_request_url" do
+    context "when the oauth option is set" do
+      it "replaces unsafe characters with safe characters" do
+        client = described_class.new
+        client.oauth_base_path = "domain.com/oauth"
+
+        url = client.build_request_url("/path^{}%<> #anchor", { oauth: true })
+
+        expect(url).to eq("https://domain.com/oauth/path%5E%7B%7D%25%3C%3E%20#anchor")
+      end
+
+      it "replaces multiple forward slashes with a single forward slash" do
+        client = described_class.new
+        client.oauth_base_path = "domain.com/oauth"
+
+        url = client.build_request_url("//path", { oauth: true })
+
+        expect(url).to eq("https://domain.com/oauth/path")
+      end
+    end
+
+    context "when the oauth option is not set" do
+      it "replaces unsafe characters with safe characters" do
+        config = instance_double("Configuration", base_url: "http://domain.com")
+        client = described_class.new(config)
+
+        url = client.build_request_url("/path^{}%<> #anchor", { oauth: false })
+
+        expect(url).to eq("http://domain.com/path%5E%7B%7D%25%3C%3E%20#anchor")
+      end
+
+      it "replaces multiple forward slashes with a single forward slash" do
+        config = instance_double("Configuration", base_url: "http://domain.com")
+        client = described_class.new(config)
+
+        url = client.build_request_url("//path", { oauth: false })
+
+        expect(url).to eq("http://domain.com/path")
+      end
+    end
+  end
+end
diff --git a/spec/lib/docusign_esign/configuration_spec.rb b/spec/lib/docusign_esign/configuration_spec.rb
@@ -0,0 +1,39 @@
+require "docusign_esign"
+require "docusign_esign/configuration"
+
+RSpec.describe DocuSign_eSign::Configuration do
+  describe "#base_url" do
+    it "replaces unsafe characters with safe characters" do
+      configuration = DocuSign_eSign::Configuration.new
+      configuration.scheme = "https"
+      configuration.host = "www.domain.com"
+      configuration.base_path = "/base/path^{}%<> #anchor"
+
+      base_url = configuration.base_url
+
+      expect(base_url).to eq("https://www.domain.com/base/path%5E%7B%7D%25%3C%3E%20#anchor")
+    end
+
+    it "replaces multiple forward slashes with a single forward slash" do
+      configuration = DocuSign_eSign::Configuration.new
+      configuration.scheme = "https"
+      configuration.host = "www.domain.com"
+      configuration.base_path = "//base/path"
+
+      base_url = configuration.base_url
+
+      expect(base_url).to eq("https://www.domain.com/base/path")
+    end
+
+    it "strips the trailing forward slash" do
+      configuration = DocuSign_eSign::Configuration.new
+      configuration.scheme = "https"
+      configuration.host = "www.domain.com"
+      configuration.base_path = "/base/path/"
+
+      base_url = configuration.base_url
+
+      expect(base_url).to eq("https://www.domain.com/base/path")
+    end
+  end
+end