Closed bytesoverflow closed 1 month ago
We don't yet expose the id_token from requests to the token endpoint, so there's no real point to specify it in response_type either. id_token is an OpenID Connect extension and as of right now OIDC is not going to be implemented. It was explicitly out of scope for this project, but I've somewhat reconsidered this recently and may work on this somewhere next year.
When I do work on that, I want to take a step back and look at those features a bit more holistically. I appreciate the contributions, but unfortunately I can't accept it at this point in time.
Agreed, but when you specify response_type='code id_token' Apple POSTs the id_token back with the code. The id_token can be decoded to retrieve the user email.
Yes, I'm aware. This is not an Apple-specific thing, you're describing an OIDC feature.
This PR adds support for specifying the response_type parameter in the OAuth2AuthorizationCodeClient. This allows users to customize the authorization flow, defaulting to 'code' if not provided.
Changes:
Motivation: Apple’s Sign in with Apple allows using a response_type of both 'code' and 'id_token' for authorization, requiring this flexibility in OAuth2 authorization flows.
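
The thread above concerns `response_type='code id_token'`, where the id_token arrives on the callback together with the code. The following is an added example, not code from this PR or the project: it shows the claim checks OpenID Connect Core defines for that response before the email is trusted, including the `c_hash` binding to the code. All function names, the issuer and the client id are assumptions for illustration, and signature verification against the issuer's keys is assumed to be done by a JWT library beforehand.

```python
import base64, hashlib, hmac, json, time

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def expected_c_hash(code: str) -> str:
    # OIDC Core 3.3.2.11: base64url of the left half of SHA-256(code)
    # (SHA-256 applies to RS256/ES256-signed tokens).
    return b64url(hashlib.sha256(code.encode("ascii")).digest()[:16])

def check_hybrid_claims(id_token, code, client_id, issuer, nonce, now=None):
    """Return the claims if they bind to this client, session and code.

    Assumption: the JWS signature was already verified against the issuer's
    published keys by a JWT library; this function does not verify it.
    """
    parts = id_token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS")
    claims = json.loads(b64url_decode(parts[1]))
    now = time.time() if now is None else now
    aud = claims.get("aud")
    if claims.get("iss") != issuer:
        raise ValueError("unexpected issuer")
    if client_id not in (aud if isinstance(aud, list) else [aud]):
        raise ValueError("token was issued to a different client")
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or exp <= now:
        raise ValueError("token expired or exp missing")
    if not hmac.compare_digest(str(claims.get("nonce", "")).encode(), nonce.encode()):
        raise ValueError("nonce does not match this session")
    if not hmac.compare_digest(str(claims.get("c_hash", "")).encode(),
                               expected_c_hash(code).encode()):
        raise ValueError("c_hash does not match the returned code")
    return claims

def make_sample_token(code, **overrides):
    # Constructed sample only: placeholder signature, made-up issuer and client.
    claims = {"iss": "https://idp.example", "aud": "client-123", "exp": 2_000_000_000,
              "nonce": "n-0S6", "c_hash": expected_c_hash(code),
              "email": "user@example.com", **overrides}
    header = b64url(json.dumps({"alg": "RS256"}).encode())
    return f"{header}.{b64url(json.dumps(claims).encode())}.c2ln"
```
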