Attempted to utilize the OAuth 2.0 helper methods included in the Credentials class and encountered some unexpected behavior and inconsistencies.
The get_authorization_url method currently accepts the following args:
instance_id (str): App Instance ID. Defaults to ``None``.
redirect_uri (str): Redirect URI. Defaults to ``None``.
region (str): App Region. Defaults to ``None``.
scope (str): Permissions. Defaults to ``None``.
state (str): UUID to detect CSRF. Defaults to ``None``.
What's not immediately apparent is that client_id is also required, which means it should either
be passed in the Credentials() constructor, be present in the credentials store/file or be accepted
as a key-word argument.
The fetch_tokens method currently accepts the following args:
code (str): Authorization code. Defaults to ``None``.
redirect_uri (str): Redirect URI. Defaults to ``None``.
The problem is that for the authorization code grant type, client_id and client_secret must also
be included in the payload (HTTP basic authentication is not currently supported). Additionally, the
HTTP header Content-Type must be set to application/x-www-form-urlencoded. Due to these
omissions, the fetch_tokens method does not function.
Suggested Fixes
Add client_id key-word argument to get_authorization_url method with support for resolving if passed as Credentials() kwarg or if present in credentials store/file.
Add client_id and client_secret kwargs to fetch_tokens method and add headers argument to set HTTP header Content-Type to application/x-www-form-urlencoded.
Description
Attempted to utilize the OAuth 2.0 helper methods included in the
Credentials
class and encountered some unexpected behavior and inconsistencies.The
get_authorization_url
method currently accepts the following args:What's not immediately apparent is that
client_id
is also required, which means it should either be passed in theCredentials()
constructor, be present in the credentials store/file or be accepted as a key-word argument.The
fetch_tokens
method currently accepts the following args:The problem is that for the authorization code grant type,
client_id
andclient_secret
must also be included in the payload (HTTP basic authentication is not currently supported). Additionally, the HTTP headerContent-Type
must be set toapplication/x-www-form-urlencoded
. Due to these omissions, thefetch_tokens
method does not function.Suggested Fixes
client_id
key-word argument toget_authorization_url
method with support for resolving if passed asCredentials()
kwarg or if present in credentials store/file.client_id
andclient_secret
kwargs tofetch_tokens
method and addheaders
argument to set HTTP headerContent-Type
toapplication/x-www-form-urlencoded
.