Remove usages of access_token query param for github API

src/Packagist/WebBundle/Package/Updater.php

@@ -118,8 +118,8 @@ class Updater
                     }
 
                     if (true !== $valid) {
-                        $context = stream_context_create(['http' => ['header' => 'User-agent: packagist-token-check']]);
-                        $rate = json_decode(@file_get_contents('https://api.github.com/rate_limit?access_token='.$newGithubToken, false, $context), true);
+                        $context = stream_context_create(['http' => ['header' => ['User-agent: packagist-token-check', 'Authorization: token '.$newGithubToken]]]);
+                        $rate = json_decode(@file_get_contents('https://api.github.com/rate_limit', false, $context), true);
                         // invalid/outdated token, wipe it so we don't try it again
                         if (!$rate && (strpos($http_response_header[0], '403') || strpos($http_response_header[0], '401'))) {
                             $maintainer->setGithubToken(null);

src/Packagist/WebBundle/Service/GitHubUserMigrationWorker.php

@@ -213,14 +213,8 @@ class GitHubUserMigrationWorker
 
     private function request(string $token, string $method, string $url, array $json = null): Response
     {
-        if (strpos($url, '?')) {
-            $url .= '&access_token='.$token;
-        } else {
-            $url .= '?access_token='.$token;
-        }
-
         $opts = [
-            'headers' => ['Accept' => 'application/vnd.github.v3+json'],
+            'headers' => ['Accept' => 'application/vnd.github.v3+json', 'Authorization: token '.$token],
         ];
 
         if ($json) {