@ob-stripe Looks good to me! This feels like it strips some complexity out and standardizes on some standard paths, so big +1.

The one thing I'm not happy about is the OAuthInvalidRequestError class name, to differentiate it from the existing InvalidRequestError class. I think it might be worth it moving all the OAuth errors in a different module, e.g. oauth_error, so they have their own namespace and we can reuse the InvalidRequestError class name.

Yeah, in my opinion adding a new module here would be fine.

This is technically a breaking change, but we never documented this feature (and won't until ~all libraries support it) so I don't think this necessarily warrants a major version bump.

Good point. I just ran a Splunk query and it doesn't look there's any activity on /oauth/token coming from stripe-python right now (checked the last 24 hours and re-running for the last week now), so yeah it might be fine to refactor this a bit.

Quick follow up: no requests from stripe-python to /oauth/token over the last week, so I think we're okay.

Alright, I moved the OAuth error classes into their own oauth_error module.

ptal @brandur-stripe

Nice!

Just out of curiosity, any thoughts on oauth_error versus error.oauth or error.oauth_error? I don't mind that much either way, but I just wanted to make sure we thought about it.

@brandur-stripe Great point, I hadn't thought of this. I agree that error.oauth would be a bit better so I gave it a try, but I ran into some issues. Doing this requires turning error from a module (error.py) into a package (error/__init__.py) so we can create the oauth.py submodule inside the error namespace.

This works on Python 2, but apparently causes circular import errors on Python 3 for some reason. This is probably fixable but I'm wary that changing how the imports are done could cause some unforeseen side-effects, so I'd rather play it safe and reverted to using the oauth_error module.

This works on Python 2, but apparently causes circular import errors on Python 3 for some reason. This is probably fixable but I'm wary that changing how the imports are done could cause some unforeseen side-effects, so I'd rather play it safe and reverted to using the oauth_error module.

Thanks for looking into it; that sounds good to me. I don't think there's a huge ergonomic different either way, so it seems fine to leave as oauth_error.

As discussed, released as 1.59.0.