This PR fixes a bug where we send code_challenge in the authorize request when we shouldn't be. We should only be sending a codeChallenge to the authorize endpoint in cases where we want to exchange auth code for auth token on device.
Changes
Made AuthorizeRequest's codeChallenge property optional
Changed AuthorizeRequest's payload to only set code_challenge_method if codeChallenge is non-nil
From AuthorizationCodeAuthProvider, only send pace.codeChallenge if shouldExchangeAuthCode is true
Testing
Added unit tests to verify code_challenge and code_challenge_method are not being sent for both inApp and native login destinations
Description
This PR fixes a bug where we send code_challenge in the authorize request when we shouldn't be. We should only be sending a codeChallenge to the authorize endpoint in cases where we want to exchange auth code for auth token on device.
Changes
codeChallenge
property optionalcode_challenge_method
ifcodeChallenge
is non-nilshouldExchangeAuthCode
is trueTesting
code_challenge
andcode_challenge_method
are not being sent for both inApp and native login destinations