Fix OAuth token endpoints to use Basic Authentication

The generate and revoke token endpoints now correctly declare HTTP Basic Authentication (client ID and client secret) as their authentication method. This fixes incorrect auth code generated by the SDK for these endpoints.