Requests-oauthlib

++++++++++++++++++++++++

Full set of changes are in [github](https://github.com/requests/requests-oauthlib/milestone/4?closed=1).

Additions & changes:

- ``OAuth2Session`` now correctly uses the ``self.verify`` value if ``verify``
is not overridden in ``fetch_token`` and ``refresh_token``. Fixes `404
<https://github.com/requests/requests-oauthlib/issues/404>`_.
- ``OAuth2Session`` constructor now uses its ``client.scope`` when a ``client``
is provided and ``scope`` is not overridden. Fixes `408
<https://github.com/requests/requests-oauthlib/issues/408>`_
- Add ``refresh_token_request`` and ``access_token_request`` compliance hooks
- Add PKCE support and Auth0 example
- Add support for Python 3.8-3.12
- Remove support of Python 2.x, <3.7
- Migrated to Github Action
- Updated dependencies
- Cleanup some docs and examples

++++++++++++++++++++++++

- Version 2.0.0 published initially as 1.4.0, it was yanked eventually.

++++++++++++++++++++++++

- Add initial support for OAuth Mutual TLS (draft-ietf-oauth-mtls)
- Removed outdated LinkedIn Compliance Fixes
- Add eBay compliance fix
- Add Spotify OAuth 2 Tutorial
- Add support for python 3.8, 3.9
- Fixed LinkedIn Compliance Fixes
- Fixed ReadTheDocs Documentation and sphinx errors
- Moved pipeline to GitHub Actions

++++++++++++++++++++++++

- Instagram compliance fix
- Added ``force_querystring`` argument to fetch_token() method on OAuth2Session

++++++++++++++++++++++++

- This project now depends on OAuthlib 3.0.0 and above. It does **not** support
versions of OAuthlib before 3.0.0.
- Updated oauth2 tests to use 'sess' for an OAuth2Session instance instead of `auth`
because OAuth2Session objects and methods acceept an `auth` paramether which is
typically an instance of `requests.auth.HTTPBasicAuth`
- `OAuth2Session.fetch_token` previously tried to guess how and where to provide
"client" and "user" credentials incorrectly. This was incompatible with some
OAuth servers and incompatible with breaking changes in oauthlib that seek to
correctly provide the `client_id`. The older implementation also did not raise
the correct exceptions when username and password are not present on Legacy
clients.
- Avoid automatic netrc authentication for OAuth2Session.

+++++++++++++++++++++++

- Adjusted version specifier for ``oauthlib`` dependency: this project is
not yet compatible with ``oauthlib`` 3.0.0.
- Dropped dependency on ``nose``.
- Minor changes to clean up the code and make it more readable/maintainable.