diff --git a/realms/modules/auth/oauth/models.py b/realms/modules/auth/oauth/models.py
index 1004d7e..e8a9492 100644
--- a/realms/modules/auth/oauth/models.py
+++ b/realms/modules/auth/oauth/models.py
@@ -111,9 +111,7 @@ class User(BaseUser):
         return users.get(user_id)
 
     @staticmethod
-    def auth(provider, data, resp):
-        oauth_token = resp.get(User.get_provider_value(provider, 'token_name'))
-        session[provider + "_token"] = (oauth_token, '')
+    def auth(provider, data, oauth_token):
         field_map = providers.get(provider).get('field_map')
         if not field_map:
             raise NotImplementedError
diff --git a/realms/modules/auth/oauth/views.py b/realms/modules/auth/oauth/views.py
index b80f00e..7daec3a 100644
--- a/realms/modules/auth/oauth/views.py
+++ b/realms/modules/auth/oauth/views.py
@@ -29,9 +29,11 @@ def callback(provider):
         flash('Access denied: %s' % e.message)
         return redirect(next_url)
 
+    oauth_token = resp.get(User.get_provider_value(provider, 'token_name'))
+    session[provider + "_token"] = (oauth_token, '')
     profile = User.get_provider_value(provider, 'profile')
     data = remote_app.get(profile) if profile else resp
 
-    User.auth(provider, data, resp)
+    User.auth(provider, data, oauth_token)
 
     return redirect(next_url)