This PR fixes a bug where we send code_challenge in the authorize request when we shouldn't be. We should only be sending a codeChallenge to the authorize endpoint in cases where we want to exchange auth code for auth token on device.
Changes
Made AuthorizeRequest's codeChallenge property optional
Changed AuthorizeRequest's payload to only set code_challenge_method if codeChallenge is non-nil
From AuthorizationCodeAuthProvider, only send pace.codeChallenge if shouldExchangeAuthCode is true
Testing
Added unit tests to verify code_challenge and code_challenge_method are not being sent for both inApp and native login destinations
Description
This PR fixes a bug where we send code_challenge in the authorize request when we shouldn't be. We should only be sending a codeChallenge to the authorize endpoint in cases where we want to exchange auth code for auth token on device.
Changes
codeChallengeproperty optionalcode_challenge_methodifcodeChallengeis non-nilshouldExchangeAuthCodeis trueTesting
code_challengeandcode_challenge_methodare not being sent for both inApp and native login destinations