Correct RFC 6749 implementation (fixes #145)

[lalloni]

Remove "scope" & "client_id" from "token request" in the
"authorization code grant" flow, while keeping "client_id"
in case the provider is one of the known to be broken ones.

This PR fixes #145

[lalloni]

I believe this PR also fixes #110

[adg]

Hi, thanks for your contribution, but we don't use GitHub Pull Requests for code review.

Can you please follow the instructions in our contribution guidelines? Thanks.

[arvenil]

@adg @plalloni What happen to this PR? Was it re-submited?

[adg]

@arvenil I don't think so.

[lalloni]

@arvenil @adg At the time, I began the required process but couldn't finish it... then I had this into my pending stuff since then, mostly because I believed no one cared for it, and we're using my fixed branch anyway...

If there's interest I can try to give it another go.

[arvenil]

@plalloni I'm interested :)

[josephholsten]

@plalloni need a hand to get this submitted?

[josephholsten]

@plalloni ah, I forgot I can't submit for you. Have you completed the CLA?

[lalloni]

Allright, finally I've submitted https://go-review.googlesource.com/#/c/23790/.

[lalloni]

@josephholsten @arvenil @adg I've resubmitted this PR as http://golang.org/cl/23790/ as requested.
I hope I did everything right, but given it's been 2 days already and I've seen no response, I'm afraid I might have done something wrong.
So please if you see anything to be fixed just tell me and I'll try to do it.

[drewwells]

@plalloni I think @josephholsten is referring to the google CLA, you need to sign this to submit code https://cla.developers.google.com/clas

[lalloni]

@drewwells @josephholsten, I did sign the CLA, almost a year ago.
@adg could you please take a look at http://golang.org/cl/23790/?