Prevent save_token() from being called twice within create_token_response(). We call save_token() after any token modifiers have run so we can tell the token_handler's create_token() method not to save the token and do that explicitly ourselves.

author: Joel Stevenson <jstevenson@bepress.com> 2016-04-29 09:29:22 -0700
committer: Joel Stevenson <jstevenson@bepress.com> 2016-04-29 09:29:22 -0700
commit: 2f7fd6cde2e10a9980ad4ef2e438d6b93769e613 (patch)
tree: f898092850c8d7a23a8037684b80443bb18cfa3f /oauthlib/oauth2/rfc6749/grant_types/resource_owner_password_credentials.py
parent: 0fee646124b4af3cdf16189c64ac64777bc1c919 (diff)
download: oauthlib-2f7fd6cde2e10a9980ad4ef2e438d6b93769e613.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/oauthlib/oauth2/rfc6749/grant_types/resource_owner_password_credentials.py b/oauthlib/oauth2/rfc6749/grant_types/resource_owner_password_credentials.py
index 16690ae..0f4d65e 100644
--- a/oauthlib/oauth2/rfc6749/grant_types/resource_owner_password_credentials.py
+++ b/oauthlib/oauth2/rfc6749/grant_types/resource_owner_password_credentials.py
@@ -114,7 +114,7 @@ class ResourceOwnerPasswordCredentialsGrant(GrantTypeBase):
             log.debug('Client error in token request, %s.', e)
             return headers, e.json, e.status_code
 
-        token = token_handler.create_token(request, self.refresh_token)
+        token = token_handler.create_token(request, self.refresh_token, save_token=False)
 
         for modifier in self._token_modifiers:
             token = modifier(token)
author	Joel Stevenson <jstevenson@bepress.com>	2016-04-29 09:29:22 -0700
committer	Joel Stevenson <jstevenson@bepress.com>	2016-04-29 09:29:22 -0700
commit	2f7fd6cde2e10a9980ad4ef2e438d6b93769e613 (patch)
tree	f898092850c8d7a23a8037684b80443bb18cfa3f /oauthlib/oauth2/rfc6749/grant_types/resource_owner_password_credentials.py
parent	0fee646124b4af3cdf16189c64ac64777bc1c919 (diff)
download	oauthlib-2f7fd6cde2e10a9980ad4ef2e438d6b93769e613.tar.gz