Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
Don't modify instance attributes when calling make_client with a token #177
When creating an OAuthRemoteApp object with a specific dict of "request_token_params", and afterwards calling make_client() with a specific token as an argument (for instance when calling any of the REST methods which in turn call request()), then "request_token_params" will be added the "resource_owner_key" and "resource_owner_secret" keys and values retrieved from the token passed.
Thus, if you want to call again the authorize() method, a new client will be created that will take as argument the "request_token_params" modified dict (see https://github.com/lepture/flask-oauthlib/blob/master/flask_oauthlib/client.py#L342, https://github.com/lepture/flask-oauthlib/blob/master/flask_oauthlib/client.py#L350).
This has happened to cause "OAuthException: Failed to generate request token" because of an Unauthorized response from the provider (in my particular case, Dropbox using OAuth 1.0).
This small PR solves this issue by doing a shallow copy of the "request_token_params" dict when calling make_client() with a token.