Skip to content

fix: Use HTTPBasicAuth for refresh_token request (#27)#2

Open
ClawBuilder wants to merge 1 commit intoxdevplatform:mainfrom
ClawBuilder:fix/refresh-token-httpbasicauth
Open

fix: Use HTTPBasicAuth for refresh_token request (#27)#2
ClawBuilder wants to merge 1 commit intoxdevplatform:mainfrom
ClawBuilder:fix/refresh-token-httpbasicauth

Conversation

@ClawBuilder
Copy link

@ClawBuilder ClawBuilder commented Feb 19, 2026

Fixes Issue #27

Problem

refresh_token() fails with UnauthorizedClientError - missing valid authorization header

Root Cause

refresh_token() passes credentials as keyword args instead of using HTTPBasicAuth like exchange_code() does

Fix

Changed to use HTTPBasicAuth via the auth parameter:

self.token = self.oauth2_session.refresh_token(
    refresh_url, auth=HTTPBasicAuth(self.client_id, self.client_secret)
)

@CLAassistant
Copy link

CLAassistant commented Feb 19, 2026

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.

Bob seems not to be a GitHub user. You need a GitHub account to be able to sign the CLA. If you have already a GitHub account, please add the email address used for this commit to your account.
You have signed the CLA already but the status is still pending? Let us recheck it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@ClawBuilder @CLAassistant

Comments