diff --git a/CHANGELOG.md b/CHANGELOG.md
index f18643fd7..8da0979f1 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,12 @@
 # Changelog
 
+## 2.1.1 (released 2013-06-02)
+
+* Added conditional `isValid()` flag to check for Authorization header only (thanks @alexmcroberts)
+* Fixed semantic meaning of `requireScopeParam()` and `requireStateParam()` by changing their default value to true
+* Updated some duff docblocks
+* Corrected array key call in Resource.php (Issue #63)
+
 ## 2.1 (released 2013-05-10)
 
 * Moved zetacomponents/database to "suggest" in composer.json. If you rely on this feature you now need to include " zetacomponents/database" into "require" key in your own composer.json. (Issue #51)
diff --git a/composer.json b/composer.json
index 2d37cdd98..40db42734 100644
--- a/composer.json
+++ b/composer.json
@@ -1,7 +1,7 @@
 {
 	"name": "league/oauth2-server",
 	"description": "A lightweight and powerful OAuth 2.0 authorization and resource server library with support for all the core specification grants. This library will allow you to secure your API with OAuth and allow your applications users to approve apps that want to access their data from your API.",
-	"version": "2.1",
+	"version": "2.1.1",
 	"homepage": "https://github.com/php-loep/oauth2-server",
 	"license": "MIT",
 	"require": {
diff --git a/src/League/OAuth2/Server/Authorization.php b/src/League/OAuth2/Server/Authorization.php
index fd11316f8..32748d8ad 100644
--- a/src/League/OAuth2/Server/Authorization.php
+++ b/src/League/OAuth2/Server/Authorization.php
@@ -271,7 +271,7 @@ public function getResponseTypes()
      * @param  boolean $require
      * @return void
      */
-    public function requireScopeParam($require = false)
+    public function requireScopeParam($require = true)
     {
         $this->requireScopeParam = $require;
     }
@@ -318,7 +318,7 @@ public function stateParamRequired()
      * @param  boolean $require
      * @return void
      */
-    public function requireStateParam($require = false)
+    public function requireStateParam($require = true)
     {
         $this->requireStateParam = $require;
     }
diff --git a/src/League/OAuth2/Server/Resource.php b/src/League/OAuth2/Server/Resource.php
index be9022084..49f149ee8 100644
--- a/src/League/OAuth2/Server/Resource.php
+++ b/src/League/OAuth2/Server/Resource.php
@@ -173,12 +173,13 @@ public function getClientId()
     /**
      * Checks if the access token is valid or not.
      *
+     * @param $headersOnly Limit Access Token to Authorization header only
      * @throws Exception\InvalidAccessTokenException Thrown if the presented access token is not valid
      * @return bool
      */
-    public function isValid()
+    public function isValid($headersOnly = false)
     {
-        $accessToken = $this->determineAccessToken();
+        $accessToken = $this->determineAccessToken($headersOnly);
 
         $result = $this->storages['session']->validateAccessToken($accessToken);
 
@@ -194,7 +195,7 @@ public function isValid()
 
         $sessionScopes = $this->storages['session']->getScopes($this->accessToken);
         foreach ($sessionScopes as $scope) {
-            $this->sessionScopes[] = $scope['key'];
+            $this->sessionScopes[] = $scope['scope'];
         }
 
         return true;
@@ -237,10 +238,11 @@ public function hasScope($scopes)
     /**
      * Reads in the access token from the headers.
      *
+     * @param $headersOnly Limit Access Token to Authorization header only
      * @throws Exception\MissingAccessTokenException  Thrown if there is no access token presented
      * @return string
      */
-    protected function determineAccessToken()
+    protected function determineAccessToken($headersOnly = false)
     {
         if ($header = $this->getRequest()->header('Authorization')) {
             // Check for special case, because cURL sometimes does an
@@ -251,12 +253,12 @@ protected function determineAccessToken()
             // 2nd request: Authorization: Bearer XXX, Bearer XXX
             if (strpos($header, ',') !== false) {
                 $headerPart = explode(',', $header);
-                $accessToken = preg_replace('/^(?:\s+)?Bearer(\s{1})/', '', $headerPart[0]);
+                $accessToken = trim(preg_replace('/^(?:\s+)?Bearer\s/', '', $headerPart[0]));
             } else {
-                $accessToken = preg_replace('/^(?:\s+)?Bearer(\s{1})/', '', $header);
+                $accessToken = trim(preg_replace('/^(?:\s+)?Bearer\s/', '', $header));
             }
             $accessToken = ($accessToken === 'Bearer') ? '' : $accessToken;
-        } else {
+        } elseif ($headersOnly === false) {
             $method = $this->getRequest()->server('REQUEST_METHOD');
             $accessToken = $this->getRequest()->{$method}($this->tokenKey);
         }
diff --git a/src/League/OAuth2/Server/Storage/ClientInterface.php b/src/League/OAuth2/Server/Storage/ClientInterface.php
index b98da03d8..725385612 100644
--- a/src/League/OAuth2/Server/Storage/ClientInterface.php
+++ b/src/League/OAuth2/Server/Storage/ClientInterface.php
@@ -50,8 +50,8 @@ interface ClientInterface
      * @param  string     $clientId     The client's ID
      * @param  string     $clientSecret The client's secret (default = "null")
      * @param  string     $redirectUri  The client's redirect URI (default = "null")
-     * @param  string     $grantType    The grant type used in the request
+     * @param  string     $grantType    The grant type used in the request (default = "null")
      * @return bool|array               Returns false if the validation fails, array on success
      */
-    public function getClient($clientId, $clientSecret = null, $redirectUri = null, $grantType);
+    public function getClient($clientId, $clientSecret = null, $redirectUri = null, $grantType = null);
 }
\ No newline at end of file
diff --git a/src/League/OAuth2/Server/Storage/PDO/Client.php b/src/League/OAuth2/Server/Storage/PDO/Client.php
index ced1a3caa..1fcb36421 100644
--- a/src/League/OAuth2/Server/Storage/PDO/Client.php
+++ b/src/League/OAuth2/Server/Storage/PDO/Client.php
@@ -6,7 +6,7 @@
 
 class Client implements ClientInterface
 {
-    public function getClient($clientId, $clientSecret = null, $redirectUri = null, $grantType)
+    public function getClient($clientId, $clientSecret = null, $redirectUri = null, $grantType = null)
     {
         $db = \ezcDbInstance::get();
 
diff --git a/src/League/OAuth2/Server/Storage/ScopeInterface.php b/src/League/OAuth2/Server/Storage/ScopeInterface.php
index 15eb214b5..60efd9cab 100644
--- a/src/League/OAuth2/Server/Storage/ScopeInterface.php
+++ b/src/League/OAuth2/Server/Storage/ScopeInterface.php
@@ -35,8 +35,8 @@ interface ScopeInterface
      * </code>
      *
      * @param  string     $scope     The scope
-     * @param  string     $clientId  The client ID
-     * @param  string     $grantType The grant type used in the request
+     * @param  string     $clientId  The client ID (default = "null")
+     * @param  string     $grantType The grant type used in the request (default = "null")
      * @return bool|array If the scope doesn't exist return false
      */
     public function getScope($scope, $clientId = null, $grantType = null);
diff --git a/tests/resource/ResourceServerTest.php b/tests/resource/ResourceServerTest.php
index c05966bf3..04f988ca1 100644
--- a/tests/resource/ResourceServerTest.php
+++ b/tests/resource/ResourceServerTest.php
@@ -196,8 +196,8 @@ public function test_isValid_valid()
     	));
 
     	$this->session->shouldReceive('getScopes')->andReturn(array(
-            array('key' =>  'foo'),
-            array('key' =>  'bar')
+            array('scope' =>  'foo'),
+            array('scope' =>  'bar')
         ));
 
    		$request = new League\OAuth2\Server\Util\Request();