Add option to send client credentials in HTTP Header or request Body for client_credentials grant type

Problem/Motivation

Currently, when using the client_credentials grant type, the feeds_http_oauth module sends the client_id and client_secret exclusively in the request body (FORM_PARAMS).

However, many OAuth 2.0 providers (and the OAuth 2.0 specification itself) allow or require these credentials to be sent using HTTP Basic Authentication in the request headers. Without the ability to choose the authentication method, the module cannot connect to APIs that strictly require header-based authentication for client credentials.

Proposed resolution

1. Update the HttpOAuthFetcher plugin to include a new configuration setting: send_client_credentials_in.
2. Modify HttpOAuthFetcherFeedForm to add a radio button field ("Send Client ID and secret in:") allowing users to choose between Header and Body.
3. Use Drupal #states to ensure this field is only visible when the client_credentials grant type is selected.
4. Update HttpOAuthFetcher::getAccessToken() to respect this configuration:
   • If Header is selected, send credentials via Authorization: Basic [base64(id:secret)].
   • If Body is selected, send credentials as form parameters (existing behavior).
5. Update feeds_http_oauth.schema.yml to include the new configuration field.

Remaining tasks

Review and testing

User interface changes

A new radio button field is added to the OAuth 2.0 settings section of the feed configuration form. It only appears when "Client Credentials" is the selected grant type.

API changes

None.

Data model changes

Added send_client_credentials_in (string) to the feeds.fetcher.http_oauth configuration mapping.