The nonce is not included in the authorization URL if "openid" is not the first scope, because it only checks if the scope starts with "openid".
To Reproduce
A minimal example to reproduce the behavior:
Expected behavior
The nonce should be included in the authorization url even if it is not the first scope.
Environment:
OS: Windows 10
Python Version: 3.9
Authlib Version: 1.0.0
Additional context
Add any other context about the problem here.
The problem seems to be in the _create_oauth2_authorization_url method of the integrations/base_client/sync_app.py file.
```python
scope = kwargs.get('scope', client.scope)
if scope and scope.startswith('openid'):
    # this is an OpenID Connect service
    nonce = kwargs.get('nonce')
    if not nonce:
        nonce = generate_token(20)
        kwargs['nonce'] = nonce
    rv['nonce'] = nonce
```
Checking only if the scope starts with openid could lead to errors that are difficult to debug.
Maybe it could be replaced by: 'openid' in scope.split(" ").
Is this intended?
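The two checks discussed in this issue, compared side by side on a few scope strings, as an added example that is not part of the original report and is not Authlib's code. The helper names, endpoint URL, client id and sample scopes are constructed for illustration; `secrets.token_urlsafe` stands in for the library's `generate_token`.

```python
import secrets
from urllib.parse import urlencode, urlsplit, parse_qs


def is_oidc_prefix(scope):
    """Check quoted in the issue: true only if the string begins with 'openid'."""
    return bool(scope) and scope.startswith("openid")


def is_oidc_token(scope):
    """Check proposed in the issue: 'openid' is one of the space-delimited scopes."""
    return bool(scope) and "openid" in scope.split(" ")


def build_authorization_url(endpoint, client_id, scope, is_oidc, nonce=None):
    """Hypothetical helper: returns (url, nonce), nonce is None when none was sent."""
    params = {
        "response_type": "code",
        "client_id": client_id,
        "scope": scope,
        "state": secrets.token_urlsafe(20),
    }
    if is_oidc(scope):
        # Keep a caller-supplied nonce, otherwise generate one, and return it so
        # the client can later compare it with the nonce claim in the ID token.
        nonce = nonce or secrets.token_urlsafe(20)
        params["nonce"] = nonce
    else:
        nonce = None
    return endpoint + "?" + urlencode(params), nonce


def nonce_in_url(url):
    return "nonce" in parse_qs(urlsplit(url).query)


# Constructed sample scopes: openid first, openid last, a double space,
# a scope that merely begins with the letters "openid", and no openid at all.
SCOPES = ["openid profile", "profile openid", "email  openid",
          "openid_connect_sync", "profile email"]


def compare(scopes=SCOPES, endpoint="https://idp.example/authorize"):
    """Map each scope to (nonce sent with prefix check, nonce sent with token check)."""
    result = {}
    for scope in scopes:
        by_prefix, _ = build_authorization_url(endpoint, "client-1", scope, is_oidc_prefix)
        by_token, _ = build_authorization_url(endpoint, "client-1", scope, is_oidc_token)
        result[scope] = (nonce_in_url(by_prefix), nonce_in_url(by_token))
    return result
```

With the prefix check, `profile openid` produces a request without a nonce, so the client has no value to verify against the ID token, while `openid_connect_sync` is treated as OpenID Connect although it does not contain the `openid` scope.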