From b532eb331b143a4a0c17e86486a62fb10b58fff7 Mon Sep 17 00:00:00 2001
From: debuggings
Date: Wed, 14 Aug 2024 21:09:19 +0800
Subject: [PATCH] fix scram username character escape

According to [rfc5802](https://datatracker.ietf.org/doc/html/rfc5802), username should escape special characters before sending to the server.

> The characters ',' or '=' in usernames are sent as '=2C' and '=3D' respectively. If the server receives a username that contains '=' not followed by either '2C' or '3D', then the server MUST fail the authentication.
---
 kafka/scram.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kafka/scram.py b/kafka/scram.py
index 74f4716bd..236ae2149 100644
--- a/kafka/scram.py
+++ b/kafka/scram.py
@@ -30,7 +30,7 @@ def __init__(self, user, password, mechanism):
 self.server_signature = None
 def first_message(self):
- client_first_bare = f'n={self.user},r={self.nonce}'
+ client_first_bare = f'n={self.user.replace("=","=3D").replace(",","=2C")},r={self.nonce}'
 self.auth_message += client_first_bare
 return 'n,,' + client_first_bare
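Review bot: The two chained `replace` calls on the new `client_first_bare` line are order-dependent and nothing on the line says so: `=` has to be escaped before `,`, otherwise the `=` of a freshly inserted `=2C` would be escaped a second time and the server would see a different username. I would add a comment above the assignment, e.g. `# RFC 5802: escape '=' first, then ',' (the reverse order would double-escape '=2C')`, or move the expression into a small named helper so it can be unit-tested with a constructed name such as `a=b,c`; the commit touches one file and adds no test. RFC 5802 also expects the username to be SASLprep-normalized before this escaping is applied; whether that happens elsewhere (for example in `__init__`, which starts outside this hunk) is not visible here and is worth confirming.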