
OAuth2. getOAuthAccessToken() should support HTTP Basic authentication scheme #300

Open
astanciu opened this issue May 16, 2016 · 3 comments

Comments


astanciu commented May 16, 2016

Per RFC 6749 it should be possible to supply the Client ID and Client Secret using the HTTP Basic authentication scheme. As far as I can tell, the lib only supports sending the client credentials in the request-body.

This is actually not recommended per the RFC:

Including the client credentials in the request-body using the two
parameters is NOT RECOMMENDED and SHOULD be limited to clients unable
to directly utilize the HTTP Basic authentication scheme (or other
password-based HTTP authentication schemes).

As an example, Reddit only supports getting the access token using Basic authentication.

@sebilasse

I stumbled upon a similar thing with OAuth2.getOAuthAccessToken(): it does not allow setting any headers at all – https://dev.twitter.com/oauth/application-only is another example, @astanciu @ciaranj

How about below:

```js
// existing header object in getOAuthAccessToken()
var post_headers = {
    'Content-Type': 'application/x-www-form-urlencoded;charset=UTF-8'
};

// -> PASTE -> the following right after post_headers:
// merge any headers the caller supplied in params.headers
if (params.hasOwnProperty('headers') && typeof params.headers === 'object') {
    for (var key in params.headers) {
        post_headers[key] = params.headers[key];
    }
}
```

Would work for Twitter like:

```js
// oauth2 is an OAuth2 instance created with new OAuth2(...);
// calling getOAuthAccessToken via OAuth2.prototype would not bind `this`
oauth2.getOAuthAccessToken('', {
  grant_type: 'client_credentials',
  headers: {
    Authorization: ['Basic', b64ConcattedEncodedCredsFromTwitterHere].join(' ')
  }
},
function(e, access_token, refresh_token, res) {
  console.log('twitter access token:', access_token);
});
```


sebilasse commented May 24, 2016

Additionally this is a duplicate of #243, #205, #175, #143, #89!


Baterka commented Dec 6, 2020

This is still not resolved? Is it because the official OAuth2 specification does not use Basic Auth for token generation endpoints?
I am developing an app with a school OAuth2 server that uses Basic Auth.
