Fix invalid parameters order

see http://php.net/manual/en/function.strpos.php

doc/cookbook/guard_authentication.rst

@@ -52,7 +52,7 @@ AbstractGuardAuthenticator. This requires you to implement six methods:
             }
 
             // Parse the header or ignore it if the format is incorrect.
-            if (false === strpos(':', $token)) {
+            if (false === strpos($token, ':')) {
                 return;
             }
             list($username, $secret) = explode(':', $token, 2);