Maybe. But if you are after pure OAuth2-compliant implementation, you need to ignore URL parameters. The OAuth2 v31 spec says it:
4.1.3. Access Token Request
The client makes a request to the token endpoint by sending the
following parameters using the "application/x-www-form-urlencoded"
format per Appendix B with a character encoding of UTF-8 in the HTTP
If you don't strive for 100% compliancy, then of course it's more convenient to accept also URL parametrs. It's all about what the code is after I guess.
Btw. just saw that OAuth 2.0 spec has been turned into RFC lately: http://dickhardt.org/2012/10/oauth-2-0/