change default PKCE to always enabled

app/src/main/res/layout/demo_activity.xml

@@ -45,14 +45,14 @@
                 android:layout_height="wrap_content"
                 android:layout_weight="1"
                 android:checked="true"
-                android:text="Use Webview" />
+                android:text="Use Browser" />
 
             <RadioButton
                 android:id="@+id/radio_use_webview"
                 android:layout_width="0dp"
                 android:layout_height="wrap_content"
                 android:layout_weight="1"
-                android:text="Use Browser" />
+                android:text="Use WebView" />
         </RadioGroup>
 
         <CheckBox

lib/src/main/java/com/auth0/android/lock/Lock.java

@@ -229,7 +229,7 @@ public Builder useBrowser(boolean useBrowser) {
 
         /**
          * Whether to use PKCE or the implicit token grant when performing calls to /authenticate.
-         * Default is {@code false}
+         * Default is {@code true}
          *
          * @param usePKCE if Lock will use PKCE instead of the implicit token grant.
          * @return the current Builder instance

lib/src/main/java/com/auth0/android/lock/Options.java

@@ -75,6 +75,7 @@ public Options() {
         allowForgotPassword = true;
         loginAfterSignUp = true;
         useCodePasswordless = true;
+        usePKCE = true;
         authenticationParameters = new HashMap<>();
         customFields = new ArrayList<>();
         theme = Theme.newBuilder().build();

lib/src/main/java/com/auth0/android/lock/PasswordlessLock.java

@@ -238,7 +238,7 @@ public Builder useBrowser(boolean useBrowser) {
 
         /**
          * Whether to use PKCE or the implicit token grant when performing calls to /authenticate.
-         * Default is {@code false}
+         * Default is {@code true}
          *
          * @param usePKCE if Lock will use PKCE instead of the implicit token grant.
          * @return the current Builder instance

lib/src/test/java/com/auth0/android/lock/OptionsTest.java

@@ -106,7 +106,21 @@ public void shouldUseSmallSocialButtonStyle() {
     }
 
     @Test
-    public void shouldUsePKCE() {
+    public void shouldHavePKCEEnabledByDefault() {
+        Options options = new Options();
+        options.setAccount(auth0);
+
+        Parcel parcel = Parcel.obtain();
+        options.writeToParcel(parcel, 0);
+        parcel.setDataPosition(0);
+
+        Options parceledOptions = Options.CREATOR.createFromParcel(parcel);
+        assertThat(options.usePKCE(), is(true));
+        assertThat(parceledOptions.usePKCE(), is(true));
+    }
+
+    @Test
+    public void shouldEnablePKCE() {
         Options options = new Options();
         options.setAccount(auth0);
         options.setUsePKCE(true);
@@ -116,7 +130,23 @@ public void shouldUsePKCE() {
         parcel.setDataPosition(0);
 
         Options parceledOptions = Options.CREATOR.createFromParcel(parcel);
-        assertThat(options.usePKCE(), is(equalTo(parceledOptions.usePKCE())));
+        assertThat(options.usePKCE(), is(true));
+        assertThat(parceledOptions.usePKCE(), is(true));
+    }
+
+    @Test
+    public void shouldDisablePKCE() {
+        Options options = new Options();
+        options.setAccount(auth0);
+        options.setUsePKCE(false);
+
+        Parcel parcel = Parcel.obtain();
+        options.writeToParcel(parcel, 0);
+        parcel.setDataPosition(0);
+
+        Options parceledOptions = Options.CREATOR.createFromParcel(parcel);
+        assertThat(options.usePKCE(), is(false));
+        assertThat(parceledOptions.usePKCE(), is(false));
     }
 
     @Test
@@ -486,7 +516,7 @@ public void shouldSetDefaultValues() {
         Options parceledOptions = Options.CREATOR.createFromParcel(parcel);
         assertTrue(options != parceledOptions); //assure correct Parcelable object testing
         assertThat(options.useBrowser(), is(false));
-        assertThat(options.usePKCE(), is(false));
+        assertThat(options.usePKCE(), is(true));
         assertThat(options.allowLogIn(), is(true));
         assertThat(options.allowSignUp(), is(true));
         assertThat(options.allowForgotPassword(), is(true));