fix: use basic auth header for OAuth2 token exchange #69

Open
ethanmlam wants to merge 1 commit into xdevplatform:main from ethanmlam:fix/oauth2-auth-header

@ethanmlam

Summary

Fix OAuth2 token exchange against X by sending the client credentials via the HTTP Basic authorization header.

Without this, X rejects the token exchange with:

unauthorized_client: Missing valid authorization header

Why

The OAuth2 config currently leaves Endpoint.AuthStyle unset, which allows the OAuth2 package to choose/discover how client credentials are sent. In practice, X expects the token request to authenticate the client using the Authorization header.

Setting:

AuthStyle: oauth2.AuthStyleInHeader

matches X's expected OAuth2 token exchange behavior.

Verification

  • Reproduced failure locally with X OAuth2 app auth: TokenExchangeError, Missing valid authorization header
  • Applied this patch and successfully completed OAuth2 for @ethanmlam
  • Verified xurl whoami returns the authenticated X user
  • Ran go test ./...
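
What the two client-authentication styles look like on the wire, as an added example that is not code from this pull request or from xurl. It uses only the Go standard library; the credentials, the `/token` path and the `tokenEndpoint` stand-in (which accepts client credentials only from the Authorization header) are constructed for illustration.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
	"net/url"
	"strings"
)

// Constructed credentials; '+' and '/' exercise the form-escaping step.
const clientID, clientSecret = "constructed-client", "s3cr+t/value"

// tokenEndpoint is a constructed stand-in for a token endpoint that accepts
// client credentials only from the HTTP Basic Authorization header.
func tokenEndpoint(w http.ResponseWriter, r *http.Request) {
	id, secret, ok := r.BasicAuth()
	if !ok || id != url.QueryEscape(clientID) || secret != url.QueryEscape(clientSecret) {
		w.WriteHeader(http.StatusUnauthorized)
		fmt.Fprint(w, `{"error":"unauthorized_client","error_description":"Missing valid authorization header"}`)
		return
	}
	fmt.Fprint(w, `{"access_token":"constructed-token","token_type":"bearer"}`)
}

// exchange builds an authorization_code token request in the chosen style,
// hands it to the stand-in endpoint and returns the HTTP status and body.
func exchange(inHeader bool) (int, string) {
	form := url.Values{"grant_type": {"authorization_code"}, "code": {"constructed-code"}}
	if !inHeader { // body style: credentials travel as form fields
		form.Set("client_id", clientID)
		form.Set("client_secret", clientSecret)
	}
	req := httptest.NewRequest(http.MethodPost, "/token", strings.NewReader(form.Encode()))
	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
	if inHeader { // header style: form-escape each value (RFC 6749, 2.3.1), then Basic
		req.SetBasicAuth(url.QueryEscape(clientID), url.QueryEscape(clientSecret))
	}
	rec := httptest.NewRecorder()
	tokenEndpoint(rec, req)
	return rec.Code, rec.Body.String()
}

func main() {
	for _, inHeader := range []bool{false, true} {
		code, body := exchange(inHeader)
		fmt.Printf("inHeader=%v -> %d %s\n", inHeader, code, body)
	}
}
```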

@CLAassistant

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.


Ethan Lam seems not to be a GitHub user. You need a GitHub account to be able to sign the CLA. If you already have a GitHub account, please add the email address used for this commit to your account.
You have signed the CLA already but the status is still pending? Let us recheck it.


2 participants