Consider auto_refresh_kwargs for token refresh authentication.\nThis is a follow-up on requests#340.

fodinabor · fodinabor · commit acf81b32fe83 · 2020-04-21T20:05:32.000+02:00
diff --git a/requests_oauthlib/oauth2_session.py b/requests_oauthlib/oauth2_session.py
@@ -418,6 +418,15 @@ def refresh_token(
             "Adding auto refresh key word arguments %s.", self.auto_refresh_kwargs
         )
         kwargs.update(self.auto_refresh_kwargs)
+
+        auth = auth or kwargs.pop('auth', None)
+        client_id = kwargs.get('client_id')
+        client_secret = kwargs.get('client_secret', '')
+
+        if client_id and (auth is None):
+            log.debug('Encoding client_id "%s" with client_secret as Basic auth credentials.', client_id)
+            auth = requests.auth.HTTPBasicAuth(client_id, client_secret)
+
         body = self._client.prepare_refresh_body(
             body=body, refresh_token=refresh_token, scope=self.scope, **kwargs
         )
@@ -491,16 +500,9 @@ def request(
                         self.auto_refresh_url,
                     )
 
-                    # We mustn't pass auth twice.
-                    auth = kwargs.pop("auth", None)
-                    if client_id and client_secret and (auth is None):
-                        log.debug(
-                            'Encoding client_id "%s" with client_secret as Basic auth credentials.',
-                            client_id,
-                        )
-                        auth = requests.auth.HTTPBasicAuth(client_id, client_secret)
                     token = self.refresh_token(
-                        self.auto_refresh_url, auth=auth, **kwargs
+                        self.auto_refresh_url, client_id=client_id,
+                        client_secret=client_secret, **kwargs
                     )
                     if self.token_updater:
                         log.debug(
