Authorization endpoint does not observe oauth2 spec for `scope` parameter

[jfilipe]

According to http://tools.ietf.org/html/rfc6749#section-3.3, the parameter name for specifying scopes in the authorization grant is scope. Currently, django-oauth-toolkit supports a plural scopes parameter which does not adhere to the spec.

The AllowForm https://github.com/evonove/django-oauth-toolkit/blob/0.6.0/oauth2_provider/forms.py#L9 and multiple areas in the AuthorizationView https://github.com/evonove/django-oauth-toolkit/blob/0.6.0/oauth2_provider/views/base.py#L93 will have to be updated to support a scope parameter.

[synasius]

Hi @jfilipe

The scopes parameter is used in the form that asks the user to grant the authorization. RFC6749 does not say how this should be done and, therefore, this implementation is permitted.

I understand it can be confusing to use such similar name and may even think of renaming it but I do not think it is a priority.

Thnx

[jfilipe]

Created a PR. Closing this issue as it's being tracked in #101