I see in #60 that there was an addition to allow a Client to pass additional parameters to requests, but at 1st glance, it looks like the App.create() method uses a urllib getter that doesn't allow any manipulation of the session used to get access the URL that contains the OpenAPI JSON definition. Is that correct, or did I miss an intended pattern to allow dealing with cert issues, auth methods, and potentially required headers when pulling the JSON definitions via remote URL?

Thanks!