According to draft 20, standard basic authorization is the only
header variable required (this does not apply to extended grant types).
Implementing classes may need to override this function if need be.
See also:
http://tools.ietf.org/html/draft-ietf-oauth-v2-20#section-2.4.1