Use BrokenAuth setter they mercifully added to oauth2.

Previously there was an uneditable list of "broken" auth implementations
that don't adhere perfectly to the spec.  And no way to edit the list
because it's private to the package. Forking it and changing the
hardcoded list was the only way. They've relented and added this
RegisterBrokenAuthHeaderProvider function. Just in time, since I was
having awful conflicts from my fork not matching some libraries that
required tokens passed of the original version's type.

client/client.go

@@ -3,10 +3,23 @@ package client
 import (
 	"net/http"
 
-	"github.com/G5/oauth2"
 	"golang.org/x/net/context"
+	"golang.org/x/oauth2"
 )
 
+func init() {
+	// Apparently Doorkeeper doesn't follow the RFC exactly on how secrets are
+	// passed. Don't worry, it's far from alone in this behavior, and joins a
+	// bunch of well-known services in being "broken". A lot of libraries will
+	// detect this behavior, but not this one, it's being passive-aggressive and
+	// forcing you to register auth providers you want to use that don't follow
+	// the convention. At least they're letting you register, I had to fork this
+	// library to get G5 Auth in there before. Anywho, this will break if you try
+	// and use a custom auth server, but I'll cross that bridge when I get to it.
+	oauth2.RegisterBrokenAuthHeaderProvider("https://auth.g5search.com/")
+	oauth2.RegisterBrokenAuthHeaderProvider("https://dev-auth.g5search.com/")
+}
+
 // PasswordAuthenticatedClientFromConfig handles some boilerplate for
 // service-to-service username/password authenticated client creation for you.
 // Config should likely be created by one of the convenience functions in

client/config.go

@@ -6,7 +6,7 @@ import (
 	"net/http"
 	"os"
 
-	"github.com/G5/oauth2"
+	"golang.org/x/oauth2"
 )
 
 // Variables to communicate with the auth server and request credentials. Not