client attempts to use the token for auth

[samskiter]

Following [self setAuthorizationHeaderWithCredential:credential]; if the server invalidates the token, another call to authenticate will cause a failure from the server due to trying to use the credential token to auth.

In addition to adding Basic Auth, I think [self setAuthorizationHeaderWithCredential:credential]; should be removed (the docs clearly stated that the client should be used standalone and credentials transferred to a subclass of AFHTTPClient) OR [self setAuthorizationHeaderWithUsername:self.clientID password:self.secret]; should be called before every auth attempt.

I believe this did not cause issue previously as the clientID and secret were being sent in the form data of the auth request and the server was happy to accept this and ignore the authorization header field. Now I am using basic auth there is a conflict in the auth header being set.

[conradev]

This should be added to your previous pull request, instead of made into a new one.

But yes, that but of code is slated for removal (see #55)

[samskiter]

sorry, I saw this as sort of orthogonal to the other pull request. Fair enough if its being removed anyway.