Tokens¶
The main token type of OAuth 2 is Bearer tokens and that is what OAuthLib currently supports. Other tokens, such as SAML and MAC can easily be added.
The purpose of a token is to authorize access to protected resources to a client (i.e. your G+ feed).
The spec requires a token_type
in access token responses, but some
providers, notably Facebook, do not provide this information. Per the
robustness principle, we default to the Bearer
token type if this value
is missing. You can force a MissingTokenTypeError
exception instead, by
setting OAUTHLIB_STRICT_TOKEN_TYPE
in the environment.