Closed glaucojunior22 closed 1 month ago
All modified and coverable lines are covered by tests :white_check_mark:
Project coverage is 97.56%. Comparing base (
560f84d
) to head (5101903
). Report is 3 commits behind head on master.:exclamation: Current head 5101903 differs from pull request most recent head 14b3365. Consider uploading reports for the commit 14b3365 to get more accurate results
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
Fixes #1276
Even after the PR #1276 if the request don't have the
client_secret
field the response will be: status_code: 401 {"error": "invalid_client"} Demo imageThe only way to retrieve the token is sending the client_secret field as an empty string: Demo image
This PR is to allow the first case (request without a client_secret field) to work accordingly to the RFC specification
Reason
The Oauthlib Request object always have the client_secret param initialized as None, so
getattr(request, "client_secret", "")
will return None intead of the empty string even if the original request doesn't send the parameter, this is why I added theor ""
at the end of this line.Checklist
CHANGELOG.md
updated (only for user relevant changes)AUTHORS