Change how credentials are sent when requesting tokens

The preferred way to send the credentials is through the Authorization
header, ase documented on the Spotify Developer Site
(see https://developer.spotify.com/web-api/authorization-guide/#authorization_code_flow)

authorization_code/app.js

@@ -76,9 +76,10 @@ app.get('/callback', function(req, res) {
       form: {
         code: code,
         redirect_uri: redirect_uri,
-        grant_type: 'authorization_code',
-        client_id: client_id,
-        client_secret: client_secret
+        grant_type: 'authorization_code'
+      },
+      headers: {
+        'Authorization': 'Basic ' + (new Buffer(client_id + ':' + client_secret).toString('base64'))
       },
       json: true
     };