oauthlib raises exception due to unquoted apostrophe or single quote

[chancyk]

I'm attempting to make a request that has a query parameter which contains apostrophes. oauthlib seems to only consider =&;:%+~,*@!()/? to be safe, but requests isn't encoding the apostrophe as %27, since it's passing !#$%&'()*+,/:;=?@[]~ as the safe list to urllib's quote here.

I'm not really sure what the intentions of the various intermediate encoding steps are to fix the issue.

Expected Result

A successful GET request with a query parameter that includes apostrophes when using the requests_oauthlib plugin.

Actual Result

oauthlib raises an exception here due to the single quote not being encoded.

Reproduction Steps

from requests.utils import requote_uri
from oauthlib.common import urldecode

requoted_uri = requote_uri("SELECT * FROM Deposit WHERE TxnDate >= '2017-08-01' AND TxnDate < '2017-09-01'")
urldecode(requoted_uri)

System Information

$ python -m requests.help

{
  "chardet": {
    "version": "3.0.4"
  },
  "cryptography": {
    "version": ""
  },
  "idna": {
    "version": "2.6"
  },
  "implementation": {
    "name": "CPython",
    "version": "3.6.1"
  },
  "platform": {
    "release": "7",
    "system": "Windows"
  },
  "pyOpenSSL": {
    "openssl_version": "",
    "version": null
  },
  "requests": {
    "version": "2.18.4"
  },
  "system_ssl": {
    "version": "100020bf"
  },
  "urllib3": {
    "version": "1.22"
  },
  "using_pyopenssl": false
}

[chancyk]

It seems like oauthlib might be expecting a fully x-www-form-urlencoded uri, but requests is only unquoting unreserved characters here before passing the uri to the auth client here.

[Lukasa]

Hm. It seems like oauthlib and Requests are disagreeing on what URL spec to follow. I can be convinced that Requests is in the wrong here.