Conversation

@ChadKillingsworth
Contributor

Description

Security schemes using OIDC did not support PKCE even when enabled in the config. The check was only looking for the manually defined "authorizationCode" flow from an OAuth2 scheme and not the "authorization_code" flow from an OIDC grant.

Motivation and Context

My provider requires PKCE to be used and the integration is currently failing. Adding this check properly supports PKCE.

How Has This Been Tested?

A unit test was added specifically for this flow (copied from the authorizationCode flow). The changes were manually applied to my project to ensure that PKCE was indeed working.

Checklist

My PR contains...

  • No code changes (src/ is unmodified: changes to documentation, CI, metadata, etc.)
  • Dependency changes (any modification to dependencies in package.json)
  • Bug fixes (non-breaking change which fixes an issue)
  • Improvements (misc. changes to existing features)
  • Features (non-breaking change which adds functionality)

My changes...

  • are breaking changes to a public API (config options, System API, major UI change, etc).
  • are breaking changes to a private API (Redux, component props, utility functions, etc.).
  • are breaking changes to a developer API (npm script behavior changes, new dev system dependencies, etc).
  • are not breaking changes.

Documentation

  • My changes do not require a change to the project documentation.
  • My changes require a change to the project documentation.
  • If yes to above: I have updated the documentation accordingly.

Automated tests

  • My changes can not or do not need to be tested.
  • My changes can and should be tested by unit and/or integration tests.
  • If yes to above: I have added tests to cover my changes.
  • If yes to above: I have taken care to cover edge cases in my tests.
  • All new and existing tests passed.

Previous checks only supported the OAuth2 authorizationCode flow and missed the equivalent OIDC flow.
}

if ((flow === "authorizationCode" || flow === "accessCode") && authConfigs.usePkceWithAuthorizationCodeGrant) {
if ((flow === "authorizationCode" || flow === "authorization_code" || flow === "accessCode") && authConfigs.usePkceWithAuthorizationCodeGrant) {
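Review bot: the condition now lists three flow-name literals inline, and the snake_case counterpart of "accessCode" is not among them, so the OAuth2 and OIDC spellings are still handled asymmetrically; consider collecting the accepted names in one place, e.g. `const PKCE_FLOWS = ["authorizationCode", "authorization_code", "accessCode"]` and `PKCE_FLOWS.includes(flow) && authConfigs.usePkceWithAuthorizationCodeGrant`, so any further alias is added once and the line stays readable. The unit test the description mentions is not in the hunk shown here; make sure it exercises the `authorization_code` name specifically, since that is the branch this change introduces.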

I wonder if you should do flow === 'access_code' too?

@tim-lai tim-lai merged commit 5e69d3c into swagger-api:master Feb 10, 2021
@tim-lai
Contributor

tim-lai commented Feb 10, 2021

@ChadKillingsworth PR merged! Thanks for the contribution!
