Skip to content

Modifications of headers returned by Client.prepare_*_request affects future calls #873

New issue
New issue
Open
Open
Modifications of headers returned by Client.prepare_*_request affects future calls#873
@radekholy24

Description

@radekholy24
radekholy24
opened on Jan 31, 2024

Describe the bug

If I modify the headers dictionary returned by a Client.prepare_*_request method, the future calls to any of these methods return the modified headers.

How to reproduce

>>> import oauthlib.oauth2
>>> client = oauthlib.oauth2.WebApplicationClient('my client id')
>>> _, headers, _ = client.prepare_authorization_request('https://example.com')
>>> headers
{'Content-Type': 'application/x-www-form-urlencoded'}
>>> headers['Content-Length'] = '0'
>>> _, headers, _ = client.prepare_authorization_request('https://example.com')
>>> headers
{'Content-Type': 'application/x-www-form-urlencoded', 'Content-Length': '0'}
>>> _, headers, _ = client.prepare_token_request('https://example.com')
>>> headers
{'Content-Type': 'application/x-www-form-urlencoded', 'Content-Length': '0'}
>>> _, headers, _ = client.prepare_refresh_token_request('https://example.com')
>>> headers
{'Content-Type': 'application/x-www-form-urlencoded', 'Content-Length': '0'}

Expected behavior

Either:

>>> import oauthlib.oauth2
>>> client = oauthlib.oauth2.WebApplicationClient('my client id')
>>> _, headers, _ = client.prepare_authorization_request('https://example.com')
>>> headers['Content-Length'] = '0'
>>> _, headers, _ = client.prepare_authorization_request('https://example.com')
>>> headers
{'Content-Type': 'application/x-www-form-urlencoded'}
>>> _, headers, _ = client.prepare_token_request('https://example.com')
>>> headers
{'Content-Type': 'application/x-www-form-urlencoded'}
>>> _, headers, _ = client.prepare_refresh_token_request('https://example.com')
>>> headers
{'Content-Type': 'application/x-www-form-urlencoded'}

or

>>> import oauthlib.oauth2
>>> client = oauthlib.oauth2.WebApplicationClient('my client id')
>>> _, headers, _ = client.prepare_authorization_request('https://example.com')
>>> try:
...     headers['Content-Length'] = '0'
... except Exception:
...     print('an exception occurred')
... 
an exception occurred

or

this unusual feature being documented

Additional context

Please provide any further context here.

  • Are you using OAuth1, OAuth2 or OIDC? OAuth2
  • Are you writing client or server side code? client
  • If client, what provider are you connecting to? a custom one
  • Are you using a downstream library, such as requests-oauthlib, django-oauth-toolkit, ...? no

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions