this is an issue, as it sends to the request_token url anything passed to a regular request and add it to the body of refresh_token
is there any justification ? what is sent to the regular end-point should not reach the refresh_token endpoint, only auto_refresh_kwargs should be used.
and why not using the client_id provided within the client, for instance for Legacy Application Flow
https://github.com/requests/requests-oauthlib/commit/9188065809f0a783af4c6d83c4562e1be112114b
this is an issue, as it sends to the request_token url anything passed to a regular request and add it to the body of refresh_token
is there any justification ? what is sent to the regular end-point should not reach the refresh_token endpoint, only auto_refresh_kwargs should be used.
and why not using the client_id provided within the client, for instance for Legacy Application Flow