fix: make client secret argument optional

The client secret is not required in PKCE authentication
mode.
See dexidp/dex#2244 for more info

internal/auth/authenticator_oidc.go

@@ -271,12 +271,15 @@ func extractOAuth2Args(msg *message.Message, readClientInfoFromMessages bool) (O
 		}
 	}
 
-	if clientid == nil || clientsecret == nil || redirecturl == nil {
+	if clientid == nil || redirecturl == nil {
 		temp := ""
 		clientid = &temp
-		clientsecret = &temp
 		redirecturl = &temp
 	}
+	if clientsecret == nil {
+		temp := ""
+		clientsecret = &temp
+	}
 	return OAuthArgs{ssl: ssl, host: host, pathq: pathq,
 					 cookie: cookie, clientid: *clientid,
 					 clientsecret: *clientsecret, redirecturl: *redirecturl},