[Question] Extend token request Validator to add new grant type ?#133

Besides existing grant_types (auth_code, ROPC, implicit, etc), If one need to add a new grant_type similar to ROPC to request access token, how would one proceed ? requirements: 1. Reserve all existing grant types implemented in this project 2. Add a new grant type, say email_verification_code/phone_verification_code. Similar to ROPC for getting access tokens, but it provides (email, and verification code received) / (phone number, and verification code received). (instead of username and password for ROPC) > Use cases in real life: 1) In some apps, you could login via phone/email and verification code. I imagine they implement similar validator as ROPC. 2) In password reset flow, when use enter email/phone, and received verification code, you then verified that he is the resource owner, and then under the hood give him/her an access token, which can then be used to access the endpoint for resetting password. Looking at flask-oauthlib source, it has some suggestion regarding custom validator: ``` @cached_property def server(self): """ All in one endpoints. This property is created automaticly if you have implemented all the getters and setters. However, if you are not satisfied with the getter and setter, you can create a validator with :class:`OAuth2RequestValidator`:: class MyValidator(OAuth2RequestValidator): def validate_client_id(self, client_id): # do something return True And assign the validator for the provider:: oauth._validator = MyValidator() ``` but still could not visualize how, would anyone with more expertise provide some suggestions/pointers I can reference for achieving the requirements above ?