token name in query string is hard-coded to 'access_token'

[Kylotan]

See: https://github.com/idan/oauthlib/blob/master/oauthlib/oauth2/rfc6749/tokens.py#L207

This prevents authentication with services such as Slack which require the token in the URI and for it to be called 'token', not 'access_token'. (https://api.slack.com/web#authentication)

[thedrow]

As far as I recall the standard does say that the URI parameter should be access_token.
We can make it configurable somehow though.
Any suggestions?

[Kylotan]

No, sorry. I don't understand OAuth or the library well enough to comment or suggest a solution. All I know is that I have to extract the token from the OAuth2Session and pass it back as a parameter when accessing the Slack API. If you're sure this is against the spec then maybe someone should contact Slack with reference to that spec and see if they'll change it.

[JonathanHuot]

Closing the issue since the related requests/requests-oauthlib#170 is closed, too. If anybody want this in oauthlib, PR suggestions are welcomed.