TokensΒΆ
The main token type of OAuth 2 is Bearer tokens and that is what OAuthLib currently supports. Other tokens, such as JWT, SAML and possibly MAC (if the spec matures) can easily be added (and will be in due time).
The purpose of a token is to authorize access to protected resources to a client (i.e. your G+ feed).
The spec requires a token_type
in access token responses, but some
providers, notably Facebook, do not provide this information. Per the
robustness principle, we default to the Bearer
token type if this value
is missing. You can force a MissingTokenTypeError
exception instead, by
setting OAUTHLIB_STRICT_TOKEN_TYPE
in the environment.