README.txt

pyoauth2: OAuth 2.0 Client and Provider Library
===============================================

Supported Request Flows
-----------------------

(1) Authorization Code Grant :: OAuth 2 Section 4.1

    (1A) Authorization Request :: OAuth 2 Section 4.1.1

        [For browser apps this happens in the window]
        Request: GET /get_authorization_code
                        ?response_type=code
                        &client_id={CLIENT_ID}
                        &redirect_uri={REDIRECT_URI}
                        [&state={STATE}]
                        [&scope={SCOPE}]

        Response: HTTP 302
                    Location={REDIRECT_URI}
                        ?code={CODE}
                        &state={STATE}

        Error Response: HTTP 302
                    Location={REDIRECT_URI}
                        ?error=access_denied
                        &state={STATE}

    (1B) Access Token Request :: OAuth 2 Section 4.1.3

        [Server side only]
        Request: GET /get_access_token
                        ?grant_type=authorization_code
                        &client_id={CLIENT_ID}
                        &client_secret={CLIENT_SECRET}
                        &redirect_uri={REDIRECT_URI}
                        &code={CODE}

        Response: HTTP 200
                    {
                       "access_token": "{ACCESS_TOKEN}",
                       "token_type": "{TOKEN_TYPE}",      // See OAuth 2 Section 7.1 Access Token Types
                       "expires_in": 3600,
                       "refresh_token": "{REFRESH_TOKEN}"
                     }

        Error Response: HTTP 400
                    {
                        "error": "access_denied",
                        "error_description": "User does not have access to the team."
                    }