fix oauth refresh bug (#255)

Graeme22 · web-flow · commit 4f0f6869cc12 · 2025-06-11T12:19:24.000-05:00
diff --git a/tastytrade/__init__.py b/tastytrade/__init__.py
@@ -4,7 +4,7 @@
 BACKTEST_URL = "https://backtester.vast.tastyworks.com"
 CERT_URL = "https://api.cert.tastyworks.com"
 VAST_URL = "https://vast.tastyworks.com"
-VERSION = "10.2.2"
+VERSION = "10.2.3"
 
 __version__ = VERSION
 version_str: str = f"tastyware/tastytrade:v{VERSION}"
diff --git a/tastytrade/session.py b/tastytrade/session.py
@@ -578,14 +578,18 @@ def refresh(self) -> None:
         """
         Refreshes the acccess token using the stored refresh token.
         """
-        response = self.sync_client.post(
+        request = self.sync_client.build_request(
+            "POST",
             "/oauth/token",
             json={
                 "grant_type": "refresh_token",
                 "client_secret": self.provider_secret,
                 "refresh_token": self.refresh_token,
             },
         )
+        # Don't send the Authorization header for this request
+        request.headers.pop("Authorization", None)
+        response = self.sync_client.send(request)
         validate_response(response)
         data = response.json()
         # update the relevant tokens
@@ -602,14 +606,18 @@ async def a_refresh(self) -> None:
         """
         Refreshes the acccess token using the stored refresh token.
         """
-        response = await self.async_client.post(
+        request = self.async_client.build_request(
+            "POST",
             "/oauth/token",
             json={
                 "grant_type": "refresh_token",
                 "client_secret": self.provider_secret,
                 "refresh_token": self.refresh_token,
             },
         )
+        # Don't send the Authorization header for this request
+        request.headers.pop("Authorization", None)
+        response = await self.async_client.send(request)
         validate_response(response)
         data = response.json()
         # update the relevant tokens
diff --git a/tests/test_instruments.py b/tests/test_instruments.py
@@ -147,15 +147,25 @@ async def test_get_option_chain_async(session: Session):
     chain = await a_get_option_chain(session, "SPY")
     assert chain != {}
     for options in chain.values():
-        await Option.a_get(session, options[0].symbol)
+        single = await Option.a_get(session, options[0].symbol)
+        multiple = await Option.a_get(session, [options[0].symbol, options[1].symbol])
+        assert isinstance(single, Option)
+        assert isinstance(multiple, list)
         break
 
 
 def test_get_option_chain(session: Session):
     chain = get_option_chain(session, "SPY")
     assert chain != {}
     for options in chain.values():
-        Option.get(session, options[0].symbol)
+        single = Option.get(session, options[0].symbol)
+        # test setting symbol
+        old = single.streamer_symbol
+        single._set_streamer_symbol()
+        assert single.streamer_symbol == old
+        multiple = Option.get(session, [options[0].symbol, options[1].symbol])
+        assert isinstance(single, Option)
+        assert isinstance(multiple, list)
         break
 
 
