OIDC: support device code flow without secret or PKCE #225

Closed
soxofaan opened this issue Aug 20, 2021 · 5 comments

@soxofaan
Member

OIDC device code flow support: Python client assumes there are just two modes: with client secret or with PKCE, but apparently there are also implementations (e.g. Keycloak 13+) that use neither. Python client should support these 3 (or more) properly.

Also see Open-EO/openeo-api#410

@soxofaan soxofaan self-assigned this Aug 20, 2021
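The three client modes named in the issue (client secret, PKCE, neither), shown as the form bodies a client would send in the device code flow. This is an added example, not code from the openEO Python client: the function names and sample values are hypothetical, sending the secret as a form field is an assumption, and the PKCE parameter names are borrowed from RFC 7636 because RFC 8628 itself does not define PKCE for the device grant.

```python
import base64
import hashlib
import secrets

DEVICE_GRANT = "urn:ietf:params:oauth:grant-type:device_code"


def pkce_pair(verifier=None):
    """Return (code_verifier, code_challenge) for the S256 method of RFC 7636."""
    verifier = verifier or secrets.token_urlsafe(64)  # 86 chars, within the 43..128 limit
    digest = hashlib.sha256(verifier.encode("ascii")).digest()
    challenge = base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")
    return verifier, challenge


def device_flow_requests(client_id, scope, device_code, client_secret=None, verifier=None):
    """Build the form bodies of the device authorization request and the token poll.

    client_secret set -> confidential client (secret sent as a form field, an assumption)
    verifier set      -> public client with PKCE
    neither           -> public client identified by client_id only
    """
    auth_req = {"client_id": client_id, "scope": scope}
    token_req = {"grant_type": DEVICE_GRANT, "client_id": client_id, "device_code": device_code}
    if client_secret is not None:
        auth_req["client_secret"] = client_secret
        token_req["client_secret"] = client_secret
    if verifier is not None:
        _, challenge = pkce_pair(verifier)
        auth_req["code_challenge"] = challenge
        auth_req["code_challenge_method"] = "S256"
        token_req["code_verifier"] = verifier
    return auth_req, token_req


if __name__ == "__main__":
    # Constructed sample values, not real credentials.
    verifier, _ = pkce_pair()
    for label, kwargs in [
        ("secret", {"client_secret": "constructed-secret"}),
        ("pkce", {"verifier": verifier}),
        ("neither", {}),
    ]:
        auth_req, token_req = device_flow_requests(
            "demo-client", "openid", "constructed-device-code", **kwargs)
        print(label, sorted(auth_req), sorted(token_req))
```

In the "neither" mode nothing but the `client_id` and the `device_code` binds the token poll to the client, so the provider has to treat such a client as a public client.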
@m-mohr
Member

m-mohr commented Aug 25, 2021

It seems like authorization code flow also works without PKCE and client secret, so should be added, too.

@soxofaan
Member Author

soxofaan commented Aug 25, 2021

Open-EO/openeo-api#411 was merged and added default_client grants:

  • authorization_code
  • urn:ietf:params:oauth:grant-type:device_code

@soxofaan
Member Author

@aljacob the Python client should now support default clients using OIDC device auth grant without PKCE or client secret. Can you confirm that it works with your Keycloak setup?

FYI new feature is not in latest release (0.8.2), so use a recent git checkout (or a version >0.8.2 if that's available by the time you verify)

@soxofaan
Member Author

soxofaan commented Sep 10, 2021

FYI: I didn't add support for

> It seems like authorization code flow also works without PKCE and client secret, so should be added, too.

I'm not sure if it's worth the trouble supporting at the moment (supporting it for device auth grant turned out more effort than I expected).
I'm even thinking we should just deprecate authorization code flow (in Python client usage) altogether because it's just too hard to get it working properly in any form. Nobody is going to use it in practice now that device auth grant is getting more popular and more widely supported. -> #235

@soxofaan
Member Author

In an effort to clean up some outstanding issues, I'm going to close this one.
Feel free to reopen if follow-up is necessary.
