docs: fix typos

20 files changed, 27 insertions, 27 deletions

diff --git a/CHANGELOG.rst b/CHANGELOG.rst
index d7882e9..a295568 100644
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@@ -146,7 +146,7 @@ OAuth1.0 Client:
 General fixes:
 
 * $ and ' are allowed to be unencoded in query strings #564
-* Request attributes are no longer overriden by HTTP Headers #409
+* Request attributes are no longer overridden by HTTP Headers #409
 * Removed unnecessary code for handling python2.6
 * Add support of python3.7 #621
 * Several minors updates to setup.py and tox
@@ -204,7 +204,7 @@ General fixes:
 * Added log statements to except clauses.
 * According to RC7009 Section 2.1, a client should include authentication credentials when revoking its tokens.
   As discussed in #339, this is not make sense for public clients.
-  However, in that case, the public client should still be checked that is infact a public client (authenticate_client_id).
+  However, in that case, the public client should still be checked that is in fact a public client (authenticate_client_id).
 * Improved prompt parameter validation.
 * Added two error codes from RFC 6750.
 * Hybrid response types are now be fragment-encoded.
@@ -354,7 +354,7 @@ Quick fix. OAuth 1 client repr in 0.6.2 overwrote secrets when scrubbing for pri
 Draft revocation endpoint features and numerous fixes including:
 
 * (OAuth 2 Provider) is_within_original_scope to check whether a refresh token
-  is trying to aquire a new set of scopes that are a subset of the original scope.
+  is trying to acquire a new set of scopes that are a subset of the original scope.
 
 * (OAuth 2 Provider) expires_in token lifetime can be set per request.
 
diff --git a/README.rst b/README.rst
index 6cc7f39..eb8c452 100644
--- a/README.rst
+++ b/README.rst
@@ -103,7 +103,7 @@ busy and therefore slow to reply but we love feedback!
 
 Chances are you have run into something annoying that you wish there was
 documentation for, if you wish to gain eternal fame and glory, and a drink if we
-have the pleasure to run into eachother, please send a docs pull request =)
+have the pleasure to run into each other, please send a docs pull request =)
 
 .. _`Gitter community`: https://gitter.im/oauthlib/Lobby
 
diff --git a/docs/contributing.rst b/docs/contributing.rst
index 5f05331..19ff9c9 100644
--- a/docs/contributing.rst
+++ b/docs/contributing.rst
@@ -292,7 +292,7 @@ Consolidated example
 		:param client: User's defined Client object, see ``.authenticate_client``.
 		:param bar: Another example.
 		:param key: Another param.
-		:return: Explaination of return value and type
+		:return: Explanation of return value and type
 
 		.. _`MAC Access Authentication`: https://tools.ietf.org/html/draft-ietf-oauth-v2-http-mac-01
 		"""
diff --git a/docs/faq.rst b/docs/faq.rst
index 4814dcd..e47e3e0 100644
--- a/docs/faq.rst
+++ b/docs/faq.rst
@@ -48,7 +48,7 @@ What does ValueError `Error trying to decode a non urlencoded string` mean?
     include non percent encoded characters such as `£`. Which could be because
     it has already been decoded by your web framework. 
     
-    If you believe it contains characters that should be excempt from this
+    If you believe it contains characters that should be exempt from this
     check please open an issue and state why.
     
      
diff --git a/docs/oauth1/security.rst b/docs/oauth1/security.rst
index 0fd5c4c..d8b7d6b 100644
--- a/docs/oauth1/security.rst
+++ b/docs/oauth1/security.rst
@@ -5,7 +5,7 @@ A few important facts regarding OAuth security
         SSL for all interactions both with your API as well as for setting up
         tokens. An example of when it's especially bad is when sending POST
         requests with form data, this data is not accounted for in the OAuth
-        signature and a successfull man-in-the-middle attacker could swap your
+        signature and a successful man-in-the-middle attacker could swap your
         form data (or files) to whatever he pleases without invalidating the
         signature. This is an even bigger issue if you fail to check
         nonce/timestamp pairs for each request, allowing an attacker who
diff --git a/docs/oauth1/server.rst b/docs/oauth1/server.rst
index 2f30c65..2c01ab7 100644
--- a/docs/oauth1/server.rst
+++ b/docs/oauth1/server.rst
@@ -59,7 +59,7 @@ The client interested in accessing protected resources.
 
 **Client secret**:
     Required for HMAC-SHA1 and PLAINTEXT. The secret the client will use when
-    verifying requests during the OAuth workflow. Has to be accesible as
+    verifying requests during the OAuth workflow. Has to be accessible as
     plaintext (i.e. not hashed) since it is used to recreate and validate
     request signatured::
 
@@ -175,7 +175,7 @@ you should consider expiring them as it increases security dramatically.
 The user and realms will need to be transferred from the request token to the
 access token. It is possible that the list of authorized realms is smaller
 than the list of requested realms. Clients can observe whether this is the case
-by comparing the `oauth_realms` parameter given in the token reponse. This way
+by comparing the `oauth_realms` parameter given in the token response. This way
 of indicating change of realms is backported from OAuth2 scope behaviour and is
 not in the OAuth 1 spec.
 
diff --git a/docs/oauth2/endpoints/endpoints.rst b/docs/oauth2/endpoints/endpoints.rst
index 0dd2da0..f05c44b 100644
--- a/docs/oauth2/endpoints/endpoints.rst
+++ b/docs/oauth2/endpoints/endpoints.rst
@@ -3,7 +3,7 @@ Provider Endpoints
 
 Endpoints in OAuth 2 are targets with a specific responsibility and often
 associated with a particular URL. Because of this the word endpoint might be
-used interchangably from the endpoint url.
+used interchangeably from the endpoint url.
 
 The main three responsibilities in an OAuth 2 flow is to authorize access to a
 certain users resources to a client, to supply said client with a token
diff --git a/docs/oauth2/endpoints/resource.rst b/docs/oauth2/endpoints/resource.rst
index a5ff885..6bd4d6b 100644
--- a/docs/oauth2/endpoints/resource.rst
+++ b/docs/oauth2/endpoints/resource.rst
@@ -5,7 +5,7 @@ Resource authorization
 Resource endpoints verify that the token presented is valid and granted access
 to the scopes associated with the resource in question.
 
-**Request Verfication**
+**Request Verification**
     Each view may set certain scopes under which it is bound. Only requests
     that present an access token bound to the correct scopes may access the
     view. Access tokens are commonly embedded in the authorization header but
diff --git a/docs/oauth2/grants/custom_validators.rst b/docs/oauth2/grants/custom_validators.rst
index 9917dd7..f295e53 100644
--- a/docs/oauth2/grants/custom_validators.rst
+++ b/docs/oauth2/grants/custom_validators.rst
@@ -3,7 +3,7 @@ Custom Validators
 
 The Custom validators are useful when you want to change a particular
 behavior of an existing grant. That is often needed because of the
-diversity of the identity softwares and to let the oauthlib framework to be
+diversity of the identity software and to let the oauthlib framework to be
 flexible as possible.
 
 However, if you are looking into writing a custom grant type, please
diff --git a/docs/oauth2/tokens/bearer.rst b/docs/oauth2/tokens/bearer.rst
index 0776db8..c23efab 100644
--- a/docs/oauth2/tokens/bearer.rst
+++ b/docs/oauth2/tokens/bearer.rst
@@ -79,7 +79,7 @@ And you will find all claims in its decoded form:
 Sometime you may want to generate custom `access_token` with a reference from a
 database (as text) or use a HASH signature in JWT or use JWE (encrypted content).
 
-Also, note that you can declare the generate function in your instanciated
+Also, note that you can declare the generate function in your instantiated
 validator to benefit of the `self` variables.
 
 See the example below:
diff --git a/oauthlib/oauth1/rfc5849/endpoints/request_token.py b/oauthlib/oauth1/rfc5849/endpoints/request_token.py
index bb67e71..0323cfb 100644
--- a/oauthlib/oauth1/rfc5849/endpoints/request_token.py
+++ b/oauthlib/oauth1/rfc5849/endpoints/request_token.py
@@ -152,7 +152,7 @@ class RequestTokenEndpoint(BaseEndpoint):
             request.client_key = self.request_validator.dummy_client
 
         # Note that `realm`_ is only used in authorization headers and how
-        # it should be interepreted is not included in the OAuth spec.
+        # it should be interpreted is not included in the OAuth spec.
         # However they could be seen as a scope or realm to which the
         # client has access and as such every client should be checked
         # to ensure it is authorized access to that scope or realm.
@@ -164,7 +164,7 @@ class RequestTokenEndpoint(BaseEndpoint):
         # workflow where a client requests access to a specific realm.
         # This first step (obtaining request token) need not require a realm
         # and can then be identified by checking the require_resource_owner
-        # flag and abscence of realm.
+        # flag and absence of realm.
         #
         # Clients obtaining an access token will not supply a realm and it will
         # not be checked. Instead the previously requested realm should be
diff --git a/oauthlib/oauth1/rfc5849/endpoints/resource.py b/oauthlib/oauth1/rfc5849/endpoints/resource.py
index 45bdaaa..8641152 100644
--- a/oauthlib/oauth1/rfc5849/endpoints/resource.py
+++ b/oauthlib/oauth1/rfc5849/endpoints/resource.py
@@ -113,7 +113,7 @@ class ResourceEndpoint(BaseEndpoint):
             request.resource_owner_key = self.request_validator.dummy_access_token
 
         # Note that `realm`_ is only used in authorization headers and how
-        # it should be interepreted is not included in the OAuth spec.
+        # it should be interpreted is not included in the OAuth spec.
         # However they could be seen as a scope or realm to which the
         # client has access and as such every client should be checked
         # to ensure it is authorized access to that scope or realm.
@@ -125,7 +125,7 @@ class ResourceEndpoint(BaseEndpoint):
         # workflow where a client requests access to a specific realm.
         # This first step (obtaining request token) need not require a realm
         # and can then be identified by checking the require_resource_owner
-        # flag and abscence of realm.
+        # flag and absence of realm.
         #
         # Clients obtaining an access token will not supply a realm and it will
         # not be checked. Instead the previously requested realm should be
diff --git a/oauthlib/oauth1/rfc5849/request_validator.py b/oauthlib/oauth1/rfc5849/request_validator.py
index d8e4ee4..e937aab 100644
--- a/oauthlib/oauth1/rfc5849/request_validator.py
+++ b/oauthlib/oauth1/rfc5849/request_validator.py
@@ -19,7 +19,7 @@ class RequestValidator:
     Methods used to check the format of input parameters. Common tests include
     length, character set, membership, range or pattern. These tests are
     referred to as `whitelisting or blacklisting`_. Whitelisting is better
-    but blacklisting can be usefull to spot malicious activity.
+    but blacklisting can be useful to spot malicious activity.
     The following have methods a default implementation:
 
     - check_client_key
diff --git a/oauthlib/oauth2/rfc6749/clients/base.py b/oauthlib/oauth2/rfc6749/clients/base.py
index 5cf9be1..d5eb0cc 100644
--- a/oauthlib/oauth2/rfc6749/clients/base.py
+++ b/oauthlib/oauth2/rfc6749/clients/base.py
@@ -267,7 +267,7 @@ class Client:
 
         :param token_url: Provider token creation endpoint URL.
         :param authorization_response: The full redirection URL string, i.e.
-            the location to which the user was redirected after successfull
+            the location to which the user was redirected after successful
             authorization. Used to mine credentials needed to obtain a token
             in this step, such as authorization code.
         :param redirect_url: The redirect_url supplied with the authorization
diff --git a/oauthlib/oauth2/rfc6749/clients/mobile_application.py b/oauthlib/oauth2/rfc6749/clients/mobile_application.py
index cd325f4..b10b41c 100644
--- a/oauthlib/oauth2/rfc6749/clients/mobile_application.py
+++ b/oauthlib/oauth2/rfc6749/clients/mobile_application.py
@@ -55,7 +55,7 @@ class MobileApplicationClient(Client):
         using the "application/x-www-form-urlencoded" format, per `Appendix B`_:
 
         :param redirect_uri:  OPTIONAL. The redirect URI must be an absolute URI
-                              and it should have been registerd with the OAuth
+                              and it should have been registered with the OAuth
                               provider prior to use. As described in `Section 3.1.2`_.
 
         :param scope:  OPTIONAL. The scope of the access request as described by
diff --git a/oauthlib/oauth2/rfc6749/clients/service_application.py b/oauthlib/oauth2/rfc6749/clients/service_application.py
index f4af67a..8fb1737 100644
--- a/oauthlib/oauth2/rfc6749/clients/service_application.py
+++ b/oauthlib/oauth2/rfc6749/clients/service_application.py
@@ -31,7 +31,7 @@ class ServiceApplicationClient(Client):
 
     def __init__(self, client_id, private_key=None, subject=None, issuer=None,
                  audience=None, **kwargs):
-        """Initalize a JWT client with defaults for implicit use later.
+        """Initialize a JWT client with defaults for implicit use later.
 
         :param client_id: Client identifier given by the OAuth provider upon
                           registration.
diff --git a/oauthlib/oauth2/rfc6749/clients/web_application.py b/oauthlib/oauth2/rfc6749/clients/web_application.py
index f1f9556..50890fb 100644
--- a/oauthlib/oauth2/rfc6749/clients/web_application.py
+++ b/oauthlib/oauth2/rfc6749/clients/web_application.py
@@ -49,7 +49,7 @@ class WebApplicationClient(Client):
         using the "application/x-www-form-urlencoded" format, per `Appendix B`_:
 
         :param redirect_uri:  OPTIONAL. The redirect URI must be an absolute URI
-                              and it should have been registerd with the OAuth
+                              and it should have been registered with the OAuth
                               provider prior to use. As described in `Section 3.1.2`_.
 
         :param scope:  OPTIONAL. The scope of the access request as described by
diff --git a/oauthlib/oauth2/rfc6749/endpoints/revocation.py b/oauthlib/oauth2/rfc6749/endpoints/revocation.py
index 737e06c..596d086 100644
--- a/oauthlib/oauth2/rfc6749/endpoints/revocation.py
+++ b/oauthlib/oauth2/rfc6749/endpoints/revocation.py
@@ -95,7 +95,7 @@ class RevocationEndpoint(BaseEndpoint):
         submitted for revocation.  Clients MAY pass this parameter in order to
         help the authorization server to optimize the token lookup.  If the
         server is unable to locate the token using the given hint, it MUST
-        extend its search accross all of its supported token types.  An
+        extend its search across all of its supported token types.  An
         authorization server MAY ignore this parameter, particularly if it is
         able to detect the token type automatically.  This specification
         defines two such values:
diff --git a/oauthlib/oauth2/rfc6749/request_validator.py b/oauthlib/oauth2/rfc6749/request_validator.py
index c047445..3910c0b 100644
--- a/oauthlib/oauth2/rfc6749/request_validator.py
+++ b/oauthlib/oauth2/rfc6749/request_validator.py
@@ -208,7 +208,7 @@ class RequestValidator:
         can be found in `Introspect Claims`_ or `JWT Claims`_.
 
         The implementation can use *token_type_hint* to improve lookup
-        efficency, but must fallback to other types to be compliant with RFC.
+        efficiency, but must fallback to other types to be compliant with RFC.
 
         The dict of claims is added to request.token after this method.
 
@@ -564,7 +564,7 @@ class RequestValidator:
         OBS! The validation should also set the user attribute of the request
         to a valid resource owner, i.e. request.user = username or similar. If
         not set you will be unable to associate a token with a user in the
-        persistance method used (commonly, save_bearer_token).
+        persistence method used (commonly, save_bearer_token).
 
         :param username: Unicode username.
         :param password: Unicode password.
diff --git a/tox.ini b/tox.ini
index c072450..4eb0813 100644
--- a/tox.ini
+++ b/tox.ini
@@ -8,7 +8,7 @@ commands=
     pytest --cov=oauthlib tests/
 
 
-# tox -e docs to mimick readthedocs build.
+# tox -e docs to mimic readthedocs build.
 # as of today, RTD is using python3.7 and doesn't run "setup.py install"
 [testenv:docs]
 basepython=python3.7
@@ -20,7 +20,7 @@ changedir=docs
 whitelist_externals=make
 commands=make clean html
 
-# tox -e readme to mimick PyPI long_description check
+# tox -e readme to mimic PyPI long_description check
 [testenv:readme]
 basepython=python3.8
 deps=twine>=1.12.0