OAuth 2 is the authentication protocol underpinning OpenID Connect.
Mention that explicitly for the benefit of folks looking for information on using
requests with OpenID Connect that don't yet know that OAuth 2 is the
relevant underlying authentication protocol.
The previous summary gave the impression that requests-oauthlib only supports
OAuth 1.
This updates makes it clear that it also supports OAuth 2, and links directly to the
use case specific authentication flow guides.
Generally if a kwarg is present it indicates that an option other than the
default is being specified. Putting `verify=True` in the first code sample
for SSL confused me, because it seemed to indicate that you had to specify
`verify=True` to get SSL verification. The opposite is true; SSL verification
is turned on by default and you have to specify `verify=False` to opt out of
SSL verification.
Updates the docs to make this more clear. Furthermore, connections to
https://kennethreitz.com currently time out instead of presenting an invalid
certificate, so I replaced this domain with https://requestb.in, which presents
the same error message as is currently there.
Using "server.crt" is confusing as one may try to put the server certificate while this is really the client certificate that should be put here. Instead, use "client.cert", "client.key" and "client.pem".
This closes#2062 by clarifying in the docs which auth
header takes precedence:
1st auth=
2nd .netrc
3rd headers=
This precedence order is already tested in test_requests.py,
in the test_basicauth_with_netrc method. Perhaps we should
add further tests for non-basic auth schemes.
kennethreitz
Anthony Shaw