From 0464cf41ca433e1123b4e0801bef2ac9f8fa4950 Mon Sep 17 00:00:00 2001
From: JMPerez <jmperez1985@gmail.com>
Date: Mon, 3 Nov 2014 11:06:34 +0100
Subject: [PATCH] Change how credentials are sent when requesting tokens

The preferred way to send the credentials is through the Authorization
header, ase documented on the Spotify Developer Site
(see https://developer.spotify.com/web-api/authorization-guide/#authorization_code_flow)
---
 authorization_code/app.js | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/authorization_code/app.js b/authorization_code/app.js
index 4f72903..588dea1 100644
--- a/authorization_code/app.js
+++ b/authorization_code/app.js
@@ -76,9 +76,10 @@ app.get('/callback', function(req, res) {
       form: {
         code: code,
         redirect_uri: redirect_uri,
-        grant_type: 'authorization_code',
-        client_id: client_id,
-        client_secret: client_secret
+        grant_type: 'authorization_code'
+      },
+      headers: {
+        'Authorization': 'Basic ' + (new Buffer(client_id + ':' + client_secret).toString('base64'))
       },
       json: true
     };