As discussed in #6, add a stricter check for Bearer in the Authorization header.
Also fixed an issue in the remove_grant handler in the simple.js example.
use authorization header iff it starts with Bearer
remove_grant doesn't get a req argument
i already implemented your suggestion on the v1 branch in 8cb4ed0
Fix signature of remove_grant callback.
Cool. Thanks. What's holding you back from merging and pushing a new release? Anything I can help with?
I've pushed 1.0.0 to npm with no changes.
Awesome - thanks!