4.获得授权(4. Obtaining Authorization)

 为了请求访问令牌，客户端从资源所有者获得授权。授权表现为授权许可的形式，客户端用它请求访问令牌。OAuth定义了四种许可类型：授权码、隐式许可、资源所有者密码凭据和客户端凭据。它还提供了扩展机制定义其他许可类型。

4. Obtaining Authorization

   To request an access token, the client obtains authorization from the
   resource owner.  The authorization is expressed in the form of an
   authorization grant, which the client uses to request the access
   token.  OAuth defines four grant types: authorization code, implicit,
   resource owner password credentials, and client credentials.  It also
   provides an extension mechanism for defining additional grant types.