feat: adds support for Authorization Code (with OpenID) + PKCE.

[matthewhartstonge]

This PR moves the index/home page into the oauth2client package so that the PKCE code_verifier + code_challenge requirements were scoped into the one package, otherwise it got a bit messy injecting the code_verifier+code_challenge between main+oauth2client.

Overview:

• code_verifier + code_challenge is generated when loading the index/home page.
• The generated code_challenge is pushed into the "Authorize code grant (with OpenID Connect) with PKCE" link
• A isPKCE cookie gets set on clicking the "Authorize code grant (with OpenID Connect) with PKCE" link.
• When hitting the callback route, the client detects if the isPKCE cookie is set and if so will send code_verifier when requesting the access token.
• Loading the callback page will always remove the isPKCE cookie.
• Loading the index/home page will always remove the isPKCE cookie.

[coveralls]

Coverage remained the same at 0.0% when pulling 01fed55e162313c58102405735dc7b6481b38248 on matthewhartstonge:feature/add-support-for-authorization-code-openid-and-pkce into 6be55555b0268c60c2fc8afa1838a71a26e15fa8 on ory:master.

[aeneasr]

🎉