From 105a5b2a3153d7177b50cd42abb220d601862805 Mon Sep 17 00:00:00 2001
From: Alex Bilbie <hello@alexbilbie.com>
Date: Fri, 22 Mar 2013 10:40:47 +0000
Subject: [PATCH] Fixed client_id and client_secret retrieval from request in
 conformity with the RFC

---
 src/OAuth2/AuthServer.php | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/src/OAuth2/AuthServer.php b/src/OAuth2/AuthServer.php
index 534a816c..483d137c 100644
--- a/src/OAuth2/AuthServer.php
+++ b/src/OAuth2/AuthServer.php
@@ -446,7 +446,13 @@ class AuthServer
     public function getParam($param = '', $method = 'get', $inputParams = array(), $default = null)
     {
         if (is_string($param)) {
-            return (isset($inputParams[$param])) ? $inputParams[$param] : $this->getRequest()->{$method}($param, $default);
+            if(isset($inputParams[$param])) {
+                return $inputParams[$param];
+            } elseif($param == 'client_id' && !is_null($client_id = $this->getRequest()->server('PHP_AUTH_USER'))) {
+                return $client_id;
+            } elseif($param == 'client_secret' && !is_null($client_secret = $this->getRequest()->server('PHP_AUTH_PW'))) {
+                return $client_secret;
+            } else return $this->getRequest()->{$method}($param, $default);
         } else {
             $response = array();
             foreach ($param as $p) {