Since we get exactly the same token in the warning, and the original commit's message suggests the warning is optional, it seems as though we can just do session.token = e.token (whose setter calls the necessary follow-on logic) and continue as usual.
This provides a more-explicit fix for #287
requests_oauthlib.OAuth2Session#fetch_token
whichoauthlib.oauth2.WebApplicationClient#parse_request_body_response
whichoauthlib.oauth2.rfc6749.clients.Client#parse_request_body_response
whichoauthlib.oauth2.rfc6749.parameters.parse_token_response
whichWarning
on changed scopes, complete with the parsed tokenself.token
* callsself.populate_token_attributes
self.token
whichpopulate_token_attributes
againself.token
Since we get exactly the same token in the warning, and the original commit's message suggests the warning is optional, it seems as though we can just do
session.token = e.token
(whose setter calls the necessary follow-on logic) and continue as usual.