requests-oauthlib

requests-oauthlib copied to clipboard

libs:

oauthlib                           3.1.0      
requests-oauthlib                  1.3.0 

The following code didn't work as the server replied that scope param was missing:

from oauthlib.oauth2 import BackendApplicationClient
from requests_oauthlib import OAuth2Session
client_id = '<redacted>'
client_secret = '<redacted>'
token_url = 'https://login.microsoftonline.com/<redacted>.onmicrosoft.com/oauth2/token?api-version=2.0'
scope = ['<redacted>']
client = BackendApplicationClient(client_id=client_id)
oauth = OAuth2Session(client=client, scope=scope)
token = oauth.fetch_token(token_url=token_url, client_id=client_id,
        client_secret=client_secret)

Changing the last two lines for the following did the trick:

oauth = OAuth2Session(client=client)
token = oauth.fetch_token(token_url=token_url, client_id=client_id,
        client_secret=client_secret, scope=scope)

So we moved the scope from the constructor to the function. But in the documentation it says:

OAuth 2.0 Session
classrequests_oauthlib.OAuth2Session(client_id=None, client=None, auto_refresh_url=None, auto_refresh_kwargs=None, scope=None, redirect_uri=None, token=None, state=None, token_updater=None, **kwargs)

and

fetch_token(token_url, code=None, authorization_response=None, body=u'', auth=None, username=None, password=None, method=u'POST', timeout=None, headers=None, verify=True, proxies=None, **kwargs)

So in the documentation the scope is on the constructor, but in the implementation it is on the fetch_token function.

Source: https://requests-oauthlib.readthedocs.io/en/latest/api.html#oauth-2-0

Can confirm this caused me a lot of issues your bug report solved it for me. Documentation update would be great.