Closed JamesKunstle closed 11 months ago
@JamesKunstle you can pass a auth
parameter in this case to resolve the issue for now.
def custom_auth(req):
req.headers["Authorization"] = "Client ..."
return req
token = client.fetch_token(..., auth=auth)
Describe the bug
This is w.r.t an OAuth2Session object in a Flask application communicating with a custom authorization server. Authorization with custom requests works fine with the same inputs.
The auth server we're communicating with implements the 'Authorization'-in-header requirement. That means that one of the headers for the access-token retrieval step must be {'Authorization': 'Client'}.
However, when we call this:
The server replies that the application isn't an authorized client- the error is SPECIFIC to the header not being set correctly.
All packages are latest as of 8/8/23.
The desired behavior is for the header that is set in fetch_token to be propagated to the request, but it seems to be dropped.