The main token type of OAuth 2 is Bearer tokens and that is what OAuthLib currently supports. Other tokens, such as SAML and MAC can easily be added.
The purpose of a token is to authorize access to protected resources to a client (i.e. your G+ feed).
The spec requires a
token_type in access token responses, but some
providers, notably Facebook, do not provide this information. Per the
robustness principle, we default to the
Bearer token type if this value
is missing. You can force a
MissingTokenTypeError exception instead, by
OAUTHLIB_STRICT_TOKEN_TYPE in the environment.