From aeca36cd94d79fe934f7aa958162079035ca6daf Mon Sep 17 00:00:00 2001
From: Artyom Vancyan <artyom.vancyan2000@gmail.com>
Date: Fri, 20 Dec 2024 12:08:55 +0400
Subject: [PATCH] GH-52: Fix "only one mechanism must be provided" issue

---
 src/fastapi_oauth2/core.py | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/fastapi_oauth2/core.py b/src/fastapi_oauth2/core.py
index 9f27ed3..62b4cc7 100644
--- a/src/fastapi_oauth2/core.py
+++ b/src/fastapi_oauth2/core.py
@@ -125,8 +125,11 @@ async def token_data(self, request: Request, **httpx_client_args) -> dict:
         async with httpx.AsyncClient(auth=auth, **httpx_client_args) as session:
             try:
                 response = await session.post(token_url, headers=headers, content=content)
-                if response.status_code == 401:
-                    content = re.sub(r"client_id=[^&]+", "", content)
+                if response.is_error:
+                    if response.status_code == 401:
+                        content = re.sub(r"client_id=[^&]+", "", content)
+                    elif response.status_code == 400:
+                        content = re.sub(r"client_secret=[^&]+", "", content)
                     response = await session.post(token_url, headers=headers, content=content)
                 self._oauth_client.parse_request_body_response(json.dumps(response.json()))
                 return self.standardize(self.backend.user_data(self.access_token))