Merge pull request #237 from leevigraham/gh-pages

Couple of syntax updates

auth-server-password.md

@@ -22,6 +22,8 @@ $passwordGrant = new \League\OAuth2\Server\Grant\PasswordGrant();
 $passwordGrant->setVerifyCredentialsCallback(function ($username, $password) {
     // implement logic here to validate a username and password, return an ID if valid, otherwise return false
 });
+
+$server->addGrantType($passwordGrant);
 ~~~
 
 
@@ -37,7 +39,7 @@ $router->post('/access_token', function (Request $request) use ($server) {
         $response = $server->issueAccessToken();
         return new Response(
             json_encode($response),
-            200
+            200,
             [
                 'Content-type'  =>  'application/json',
                 'Cache-Control' =>  'no-store',

auth-server-which-grant.md

@@ -90,7 +90,7 @@ This grant is suitable for trusted clients such as a service’s own mobile clie
 
 ~~~ php
 $clientCredentials = new League\OAuth2\Server\Grant\ClientCredentialsGrant();
-server->addGrantType($clientCredentials);
+$server->addGrantType($clientCredentials);
 ~~~
 
 This grant is similar to the resource owner credentials grant except only the client’s credentials are used to authenticate a request for an access token. Again this grant should only be allowed to be used by trusted clients.