[JAVA][RestTemplate]Query parameter is not URL encoded

[simingweng]

Description

If an API accept query parameter and parameter contains unsafe symbol, such as "&" sign, in the RestTemplate-based Java client, it is not encoded. When the request is sent as it is to the server side, it prevents the server from parsing the parameter properly.

openapi-generator version

3.0.0

OpenAPI declaration file content or url

https://github.com/OpenAPITools/openapi-generator/blob/v3.0.0/modules/openapi-generator/src/test/resources/2_0/petstore-with-fake-endpoints-models-for-testing.yaml

Command line used for generation

https://github.com/OpenAPITools/openapi-generator/blob/v3.0.0/bin/java-petstore-resttemplate.sh

Steps to reproduce

the line of code in question is at

openapi-generator/samples/client/petstore/java/resttemplate/src/main/java/org/openapitools/client/ApiClient.java

Line 518 in 9c82520

builder.queryParams(queryParams);

the parameter string are put into UriComponentsBuilder as it is

Suggest a fix/enhancement

It seems other flavour of Java clients, such as "okhttp-gson", is doing "escaping" while building the request, at

openapi-generator/samples/client/petstore/java/okhttp-gson/src/main/java/org/openapitools/client/ApiClient.java

Line 1037 in 9c82520

url.append(escapeString(param.getName())).append("=").append(escapeString(value));

we need to introduce this sanitisation in RestTemplate-based client

[wing328]

@simingweng thanks for reporting the issue with the details. May I know if you've time to contribute a fix?

https://github.com/OpenAPITools/openapi-generator/blob/master/modules/openapi-generator/src/main/resources/Java/libraries/resttemplate/ApiClient.mustache#L530 is a good starting point and I agree with you we should reuse similar technique in other Java clients.

[simingweng]

sure, I can work on this.

[ackintosh]

Could this issue be closed?

[simingweng]

Yes, I think so, the fix is already in 3.0.1 release.