OAuth2 `LegacyApplicationClient` should honor default scopes in `prepare_request_body`

Hi there,

I found this while using `requests-oauthlib` (https://github.com/requests/requests-oauthlib/issues/406) but it actually belongs here.

Consider this code:

```python
from oauthlib.oauth2 import LegacyApplicationClient
from requests_oauthlib import OAuth2Session

client = LegacyApplicationClient(client_id="my_client_id", scope=['openid', 'profile'])
oauth_session = OAuth2Session(client)

token = oauth_session.fetch_token(token_url='https://<blah>.auth0.com/oauth/ro',
                                                         username=username, password=password,
                                                         include_client_id=True,
                                                         scope=['openid', 'profile']  # this should not be needed
                                  )
```

I currently have to include the `scope` in `fetch_token()` to get a valid token, because the default scopes defined in `LegacyApplicationClient` are not used in `LegacyApplicationClient.prepare_request_body(...)` when `scope=None` is received.

I will submit a PR




Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

OAuth2 `LegacyApplicationClient` should honor default scopes in `prepare_request_body` #725

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Uh oh!

OAuth2 LegacyApplicationClient should honor default scopes in prepare_request_body #725

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

OAuth2 `LegacyApplicationClient` should honor default scopes in `prepare_request_body` #725