-
-
Notifications
You must be signed in to change notification settings - Fork 421
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
OAuth2Session doesn't use token if netrc is present #278
Comments
Yeah, this is a moderate annoyance. Probably a better fix is to provide a no-op auth handler that can deal with this. |
That makes sense. I'm thinking that it wouldn't need to be exposed as a public API, since it's just a way of saying "we've already got authentication covered, don't mess with us". Could that be added universally in the init method, or do we need to add it conditionally, when we have a token to use? If we need to do it selectively, we'll likely need to set and unset it in several places. |
Selectively, sadly. There are some situations where we deliberately use basic auth or other auth handlers. |
I was thinking that those cases could be handled the same as with a standard
Are you saying that there's further complexity within requests-oauthlib that makes that pattern unsuitable? |
That's certainly possible. Worth seeing how that looks in the code, at any rate. |
The Heroku Toolbelt client uses a
.netrc
file to store its credentials locally. When using OAuth2Session, giving a properly-formedtoken
to the constructor, theauth
property on the session is not set, and requests goes and looks for a netrc file to add them in automatically when the request is made. When we have set the token, this really needs to not happen.The "ideal" fix would be to have the
OAuth2Session.auth
property set toOAuth2
. I definitely don't know the complexities of how difficult this is, but this bug makes OAuth2Session unusable for me, and I'm having to drop down to usingOAuth2
auth directly instead for my use-case.The text was updated successfully, but these errors were encountered: