Merge pull request #256 from requests/issue/254

Prefer user-supplied auth credentials.

Author: Lukasa

requests_oauthlib/oauth2_session.py

@@ -333,8 +333,10 @@ def request(self, method, url, data=None, headers=None, withhold_token=False,
                 if self.auto_refresh_url:
                     log.debug('Auto refresh is set, attempting to refresh at %s.',
                               self.auto_refresh_url)
-                    auth = None
-                    if client_id and client_secret:
+
+                    # We mustn't pass auth twice.
+                    auth = kwargs.pop('auth', None)
+                    if client_id and client_secret and (auth is None):
                         log.debug('Encoding client_id "%s" with client_secret as Basic auth credentials.', client_id)
                         auth = requests.auth.HTTPBasicAuth(client_id, client_secret)
                     token = self.refresh_token(