Closed benreinhold-nm closed 1 year ago
Thanks for the great find!
Indeed, there should be the content-type: application/json
in response headers. I think there was a mistake in line number that you sent. Instead of HTTPHeaderDict()
there should be default_headers
.
Hey @tdg5, I made a PR #86 any objections regarding of these changes?
The errors produced when passing invalid client credentials have a JSON body but not an
application/json
content-type (as prescribed by RFC 6749, Section 5.2). The cause for this is this line where the empty header directory "overwrites" thedefault_headers
in the base class constructor.Originally I wanted to make a quick PR to fix this, but there seems to be a test testing explictly for the
content-type
-less response header which is why I wanted to check here first that I'm not missing something.