1

According to the docs for requests_oauthlib Oauth2Session you should be able to change the token endpoint method from client_secret_basic, which is the default method, to client_secret_post in the following way

client = OAuth2Session(token_endpoint_auth_method='client_secret_post')

I try to implement this in my own function with

import secrets.py

IDP_CONFIG = {
  "well_known_url": "https://{your-well-known-url}/sso/oauth2/.well-known/openid-configuration",
  "client_id": secrets.db.get('client_id'),
  "client_secret":secrets.db.get('client_secret'),
  "scope": ["email", "openid"]
}

def get_oauth2_session(**kwargs):
    oauth2_session = OAuth2Session(scope=IDP_CONFIG["scope"],
                                    redirect_uri=url_for(".oidc_callback", _external=True),
                                    client_id=IDP_CONFIG["client_id"],
                                    token_endpoint_auth_method='client_secret_post',
                                    **kwargs)
    return oauth2_session

I get this error:

TypeError: __init__() got an unexpected keyword argument 'token_endpoint_auth_method'

As you can see, I can pass other arguments to the function, so it looks like this is not available, but it is in the latest docs. How can I solve it?

my package versions are the following:

python==3.8.8
requests-oauthlib==1.3.1
bart cubrich
  • 1,184
  • 1
  • 14
  • 41
  • These docs are for version 1.0.0. I posted an issue here, after looking at the github repo and noticing there isn't an explicit way to change the method, at least an easy to see one. https://github.com/requests/requests-oauthlib/issues/488 I will update the answer if I find one through this issue. – bart cubrich Mar 23 '22 at 16:04
  • 1
    Good call. Had been in the middle of typing "seems like a bug". I searched through the Github repo and could find no trace of the value `client_secret_post`, so maybe it was removed. – Codebling Mar 23 '22 at 16:40

0 Answers0