OAuth breaks if a bad .netrc file is present #121
Description
While fixing databricks/dbt-databricks#337 I found that the same bug plaguing dbt-databricks affects pysql as well.
To reproduce this issue:
- Add an intentionally bad `~/.netrc` to your workstation, like this:

```
machine <my-workspace>.cloud.databricks.com
login token
password <expired_token>
```

- Try to run the `interactive_oauth.py` example using the same host name specified in the `.netrc` file.
- You'll receive this exception:

```
access_token = oauth_response["access_token"]
KeyError: 'access_token'
```
The fix
Straightforward: force requests to not use the .netrc file when making requests to Databricks OAuth endpoints. These requests are unauthenticated (no auth header is required). The bug here is that if you include an auth header in the request to https://****.staging.cloud.databricks.com/oidc/v1/token the Databricks runtime will return an error response. oauth.py looks for access_token in this response and doesn't find one, so it raises an Exception.
If .netrc is present, requests always uses it. Even for these requests that are supposed to be unauthenticated. So we need to force it to not do this.
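The behaviour described in this issue can be checked offline by preparing (not sending) a token request and inspecting its headers. This is an added example, not code from the issue or from the project: the host, the token value, `NoNetrcAuth`, `prepared_auth_header` and `demo` are constructed for illustration, and the two ways of suppressing the lookup are general `requests` techniques rather than the project's confirmed fix.

```python
import os
import tempfile

import requests
from requests.auth import AuthBase

# Constructed sample values; the host and the token are placeholders.
HOST = "example-workspace.cloud.databricks.com"
TOKEN_URL = f"https://{HOST}/oidc/v1/token"
NETRC_BODY = f"machine {HOST}\nlogin token\npassword expired-token-placeholder\n"


class NoNetrcAuth(AuthBase):
    """Auth hook that adds nothing; passing it stops the .netrc lookup."""

    def __call__(self, request):
        return request


def prepared_auth_header(session, auth=None):
    """Prepare the token POST without sending it; return its Authorization header."""
    req = requests.Request("POST", TOKEN_URL, data={"grant_type": "authorization_code"}, auth=auth)
    return session.prepare_request(req).headers.get("Authorization")


def demo():
    """Return the header for: default session, trust_env=False, per-request no-op auth."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "netrc")
        with open(path, "w") as fh:
            fh.write(NETRC_BODY)
        saved = os.environ.get("NETRC")
        os.environ["NETRC"] = path  # requests reads this instead of ~/.netrc
        try:
            default = prepared_auth_header(requests.Session())
            # trust_env=False also ignores proxy and CA-bundle environment variables.
            isolated = requests.Session()
            isolated.trust_env = False
            no_env = prepared_auth_header(isolated)
            # Scoped alternative: only this request skips the .netrc lookup.
            per_request = prepared_auth_header(requests.Session(), auth=NoNetrcAuth())
        finally:
            if saved is None:
                del os.environ["NETRC"]
            else:
                os.environ["NETRC"] = saved
    return default, no_env, per_request


if __name__ == "__main__":
    print(demo())
```

The first value shows the stale `.netrc` credential attached as HTTP Basic auth to a request that should carry none; the other two are `None`.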