diff --git a/test/IdentityServer.UnitTests/Validation/Secrets/BasicAuthenticationCredentialParsing.cs b/test/IdentityServer.UnitTests/Validation/Secrets/BasicAuthenticationCredentialParsing.cs
index dcb56c12c..cea52fa53 100644
--- a/test/IdentityServer.UnitTests/Validation/Secrets/BasicAuthenticationCredentialParsing.cs
+++ b/test/IdentityServer.UnitTests/Validation/Secrets/BasicAuthenticationCredentialParsing.cs
@@ -3,6 +3,7 @@
 using System;
+using System.Net.Http;
 using System.Text;
 using Duende.IdentityServer;
 using Duende.IdentityServer.Configuration;
@@ -56,13 +57,63 @@ public async void Valid_BasicAuthentication_Request()
 secret.Id.Should().Be("client");
 secret.Credential.Should().Be("secret");
 }
+
+ [Theory]
+ [Trait("Category", Category)]
+ [InlineData("client", "secret")]
+ [InlineData("cl ient", "secret")]
+ [InlineData("cl ient", "se cret")]
+ [InlineData("client", "se+cret")]
+ [InlineData("cl+ ient", "se+cret")]
+ [InlineData("cl+ ient", "se+ cret")]
+ public async void Valid_BasicAuthentication_Request_in_various_Formats_Manual(string userName, string password)
+ {
+ Encoding encoding = Encoding.UTF8;
+ var context = new DefaultHttpContext();
+
+ if (password == null) password = "";
+ string credential = $"{Uri.EscapeDataString(userName)}:{Uri.EscapeDataString(password)}";
+
+ var headerValue = $"Basic {Convert.ToBase64String(encoding.GetBytes(credential))}";
+ context.Request.Headers.Add("Authorization", new StringValues(headerValue));
+
+ var secret = await _parser.ParseAsync(context);
+
+ secret.Type.Should().Be(IdentityServerConstants.ParsedSecretTypes.SharedSecret);
+ secret.Id.Should().Be(userName);
+ secret.Credential.Should().Be(password);
+ }
+
+ [Theory]
+ [Trait("Category", Category)]
+ [InlineData("client", "secret")]
+ [InlineData("cl ient", "secret")]
+ [InlineData("cl ient", "se cret")]
+ [InlineData("client", "se+cret")]
+ [InlineData("cl+ ient", "se+cret")]
+ [InlineData("cl+ ient", "se+ cret")]
+ public async void Valid_BasicAuthentication_Request_in_various_Formats_IdentityModel(string userName, string password)
+ {
+ Encoding encoding = Encoding.UTF8;
+ var context = new DefaultHttpContext();
+
+ var credential = BasicAuthenticationOAuthHeaderValue.EncodeCredential(userName, password);
+ var headerValue = $"Basic {credential}";
+ context.Request.Headers.Add("Authorization", new StringValues(headerValue));
+
+ var secret = await _parser.ParseAsync(context);
+
+ secret.Type.Should().Be(IdentityServerConstants.ParsedSecretTypes.SharedSecret);
+ secret.Id.Should().Be(userName);
+ secret.Credential.Should().Be(password);
+ }
 [Fact]
 [Trait("Category", Category)]
 public async void Valid_BasicAuthentication_Request_With_UserName_Only_And_Colon_For_Optional_ClientSecret()
 {
 var context = new DefaultHttpContext();
-
+
 var headerValue = string.Format("Basic {0}", Convert.ToBase64String(Encoding.UTF8.GetBytes("client:")));
 context.Request.Headers.Add("Authorization", new StringValues(headerValue));
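Review bot: The `[InlineData]` rows on both new theories (`..._Formats_Manual` and `..._Formats_IdentityModel`) vary only space and `+`, so `:` and `%`, the two characters that show whether the parser splits the pair before or after percent-decoding, are never exercised. A parser that decoded first would split a client id containing `:` at the wrong position and both theories would still pass; I would add `[InlineData("cl:ient", "se:cret")]` and `[InlineData("cl%ient", "se%cret")]` to each, plus one non-ASCII pair if UTF-8 credentials are meant to be accepted. The parser is not part of this hunk, so this is a coverage gap rather than a confirmed defect. Separately, `Encoding encoding` is declared but never used in the `_IdentityModel` theory, and `if (password == null) password = "";` in the `_Manual` theory cannot fire with the rows given.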