From 98a81c9fbdfb48b783703dc664c8ec9b2e858aff Mon Sep 17 00:00:00 2001
From: Jeremie Dokime <jnau5@yahoo.com>
Date: Mon, 23 Nov 2015 10:10:00 +0100
Subject: [PATCH] Send client_secret when get oauth2 refresh_token

With some oauth2 providers, the oauth client_secret is required when getting a refresh_token.
---
 gluon/contrib/login_methods/oauth20_account.py | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/gluon/contrib/login_methods/oauth20_account.py b/gluon/contrib/login_methods/oauth20_account.py
index bcdd6aef..d9f78a6d 100644
--- a/gluon/contrib/login_methods/oauth20_account.py
+++ b/gluon/contrib/login_methods/oauth20_account.py
@@ -154,10 +154,12 @@ server for requests.  It can be used for the optional"scope" parameters for Face
         code = current.request.vars.code
 
         if code or refresh_token:
-            data = dict(client_id=self.client_id)
+            data = dict(
+                client_id=self.client_id,
+                client_secret=self.client_secret,
+            )
             if code:
                 data.update(
-                    client_secret=self.client_secret,
                     redirect_uri=current.session.redirect_uri,
                     code=code,
                     grant_type='authorization_code'