
Remove auth headers with LegacyApplicationClient?

Open ChaosKid42 opened this issue 7 years ago • 2 comments

I am trying to do the following:

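from oauthlib.oauth2 import InvalidGrantError, LegacyApplicationClient, MissingTokenError
from requests.exceptions import ConnectionError
from requests_oauthlib import OAuth2Session

# CLIENT_ID, CLIENT_SECRET, TOKEN_URL, SCOPE, VERIFY, username and password are defined elsewhere.
oauth = OAuth2Session(client=LegacyApplicationClient(client_id=CLIENT_ID))
try:
  # Resource owner password credentials grant against the token endpoint.
  token = oauth.fetch_token(
    verify=VERIFY,
    token_url=TOKEN_URL,
    username=username, password=password,
    client_id=CLIENT_ID,
    scope=SCOPE,
    client_secret=CLIENT_SECRET)
except InvalidGrantError:
  pass
except (MissingTokenError, ConnectionError) as e:
  print('Exception while calling auth_proxy: {}'.format(type(e)))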

As you can see in the following debug output, it puts authentication information in the body and in the header. My OAuth-Provider (AD FS) does not like that. Is there any way I can disable authentication headers?

DEBUG:requests_oauthlib.oauth2_session:Encoding client_id "***" with client_secret as Basic auth credentials.
DEBUG:requests_oauthlib.oauth2_session:Requesting url https://adfs.tld/oauth/token using method POST.
DEBUG:requests_oauthlib.oauth2_session:Supplying headers {'Accept': 'application/json', 'Content-Type': 'application/x-www-form-urlencoded;charset=UTF-8'} and data {'grant_type': 'password', 'username': '***@gmail.com', 'password': '***, 'scope': 'openid', 'client_id': '***', 'client_secret': '***'}
DEBUG:requests_oauthlib.oauth2_session:Passing through key word arguments {'json': None, 'timeout': None, 'auth': <requests.auth.HTTPBasicAuth object at 0x7fa72e3b9dd8>, 'verify': False, 'proxies': None}.
DEBUG:urllib3.connectionpool:https://adfs.tld:443 "POST /oauth/token HTTP/1.1" 200 1356
DEBUG:requests_oauthlib.oauth2_session:Prepared fetch token request body grant_type=password&username=***%40gmail.com&password=***&scope=openid&client_id=***&client_secret=***

ChaosKid42, Jul 12 '18 12:07
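
A check for the condition shown in the debug output above, as an added example that is not part of the original issue or of requests-oauthlib: it inspects a token request as sent and reports when client credentials are presented both as HTTP Basic auth and in the form body, which RFC 6749 section 2.3.1 disallows (a client "MUST NOT use more than one authentication method in each request"). The function names and all sample values are constructed for illustration.

```python
import base64
from urllib.parse import parse_qs


def client_auth_methods(headers, body):
    """Return the set of client authentication methods a token request uses."""
    methods = set()
    # Header names are case-insensitive, so match "authorization" loosely.
    auth = next((v for k, v in headers.items() if k.lower() == "authorization"), "")
    scheme, _, value = auth.partition(" ")
    if scheme.lower() == "basic" and value:
        try:
            decoded = base64.b64decode(value, validate=True).decode("utf-8")
        except (ValueError, UnicodeDecodeError):
            decoded = ""  # malformed Basic value: not counted as a method
        if ":" in decoded:
            methods.add("http_basic")
    # A client_secret form field means the client authenticates in the body.
    form = parse_qs(body, keep_blank_values=True)
    if "client_secret" in form:
        methods.add("request_body")
    return methods


def audit_token_request(headers, body):
    """Flag a request that authenticates the client in more than one way."""
    methods = client_auth_methods(headers, body)
    return {"methods": sorted(methods), "duplicate": len(methods) > 1}


# Constructed sample mirroring the shape of the debug output (placeholder values).
BASIC = base64.b64encode(b"example-client:example-secret").decode("ascii")
DUPLICATED = (
    {"Accept": "application/json", "Authorization": "Basic " + BASIC},
    "grant_type=password&username=user%40example.com&password=pw"
    "&scope=openid&client_id=example-client&client_secret=example-secret",
)
BODY_ONLY = ({"Accept": "application/json"}, DUPLICATED[1])

if __name__ == "__main__":
    for name, (hdrs, data) in (("duplicated", DUPLICATED), ("body only", BODY_ONLY)):
        print(name, audit_token_request(hdrs, data))
```
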

@jvanasco is working to handle this specific use-case. It will require both oauthlib and requests-oauthlib changes. See the change proposal at https://github.com/oauthlib/oauthlib/issues/585#issuecomment-420942874

JonathanHuot, Sep 14 '18 06:09

Another incompatible provider: Flask OAuth 2.0 Server.

aparamon, Oct 10 '18 10:10