Restructure PKCE handling #400
Description
This issue is here to track improvements whenever we start work on a new major release since it will cause breaking changes. It is not intended to be solved right now.
Current situation
PKCE will only be requested when the pkce_verifier option is passed.
Desired
PKCE will automatically be enabled & a secret generated if there's supported code challenges. The result of the authorization function should result in both a url and the PKCE verifier if one was used.