thanks alot for this!! i spent maybe 2 days trying to figure out what is wrong with this plugin, then me, then several of my sites and hostings, and yes, all of them, apparently, use php as fast-cgi, and damnit....
but thanks for this post, even that is never received any continuation. if you're still interested, i have applied it to the plugin and it works like a charm now!!
all you need to do is edit .htaccess as it explains in that link you posted, and use one of suggestions that has "remove" in it.. or just try each one. and insert the code they give in class-wp-json-server.php around 100th line, in function check_authentication(), before the second empty return;
OAuth, no matter how i tried, didn't work for me either... but that is a different story,,.