[reddit] don't send OAuth headers for file downloads (fixes #729)

mikf · May 8, 2020 · 0bf0146 · 0bf0146
1 parent ba42ec3
commit 0bf0146
Show file tree

Hide file tree

Showing 3 changed files with 16 additions and 12 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,7 @@
 # Changelog
 
+## Unreleased
+
 ## 1.13.6 - 2020-05-02
 ### Additions
 - [patreon] respect filters and sort order in query parameters ([#711](https://github.com/mikf/gallery-dl/issues/711))

diff --git a/gallery_dl/extractor/reddit.py b/gallery_dl/extractor/reddit.py
@@ -229,13 +229,12 @@ def __init__(self, extractor):
         user_agent = extractor.config("user-agent", self.USER_AGENT)
 
         if (client_id == self.CLIENT_ID) ^ (user_agent == self.USER_AGENT):
-            self.client_id = None
-            self.log.warning(
+            raise exception.StopExtraction(
                 "Conflicting values for 'client-id' and 'user-agent': "
                 "overwrite either both or none of them.")
-        else:
-            self.client_id = client_id
-            extractor.session.headers["User-Agent"] = user_agent
+
+        self.client_id = client_id
+        self.headers = {"User-Agent": user_agent}
 
     def submission(self, submission_id):
         """Fetch the (submission, comments)=-tuple for a submission id"""
@@ -277,13 +276,15 @@ def morechildren(self, link_id, children):
 
     def authenticate(self):
         """Authenticate the application by requesting an access token"""
-        access_token = self._authenticate_impl(self.refresh_token)
-        self.extractor.session.headers["Authorization"] = access_token
+        self.headers["Authorization"] = \
+            self._authenticate_impl(self.refresh_token)
 
     @cache(maxage=3600, keyarg=1)
     def _authenticate_impl(self, refresh_token=None):
         """Actual authenticate implementation"""
         url = "https://www.reddit.com/api/v1/access_token"
+        self.headers["Authorization"] = None
+
         if refresh_token:
             self.log.info("Refreshing private access token")
             data = {"grant_type": "refresh_token",
@@ -294,9 +295,9 @@ def _authenticate_impl(self, refresh_token=None):
                                    "grants/installed_client"),
                     "device_id": "DO_NOT_TRACK_THIS_DEVICE"}
 
-        auth = (self.client_id, "")
         response = self.extractor.request(
-            url, method="POST", data=data, auth=auth, fatal=False)
+            url, method="POST", headers=self.headers,
+            data=data, auth=(self.client_id, ""), fatal=False)
         data = response.json()
 
         if response.status_code != 200:
@@ -307,9 +308,10 @@ def _authenticate_impl(self, refresh_token=None):
 
     def _call(self, endpoint, params):
         url = "https://oauth.reddit.com" + endpoint
-        params["raw_json"] = 1
+        params["raw_json"] = "1"
         self.authenticate()
-        response = self.extractor.request(url, params=params, fatal=None)
+        response = self.extractor.request(
+            url, params=params, headers=self.headers, fatal=None)
 
         remaining = response.headers.get("x-ratelimit-remaining")
         if remaining and float(remaining) < 2:

diff --git a/gallery_dl/version.py b/gallery_dl/version.py
@@ -6,4 +6,4 @@
 # it under the terms of the GNU General Public License version 2 as
 # published by the Free Software Foundation.
 
-__version__ = "1.13.6"
+__version__ = "1.14.0-dev"