fix(pkce): get code_challenge and _method from query if not present in body

Merge pull request #197 from node-oauth/fix-pkce-missing-query

Author: jankapunkt

lib/handlers/authorize-handler.js

@@ -369,7 +369,7 @@ AuthorizeHandler.prototype.updateResponse = function(response, redirectUri, stat
 };
 
 AuthorizeHandler.prototype.getCodeChallenge = function(request) {
-  return request.body.code_challenge;
+  return request.body.code_challenge || request.query.code_challenge;
 };
 
 /**
@@ -380,7 +380,7 @@ AuthorizeHandler.prototype.getCodeChallenge = function(request) {
  *  (see https://www.rfc-editor.org/rfc/rfc7636#section-4.4)
  */
 AuthorizeHandler.prototype.getCodeChallengeMethod = function(request) {
-  const algorithm = request.body.code_challenge_method;
+  const algorithm = request.body.code_challenge_method || request.query.code_challenge_method;
 
   if (algorithm && !pkce.isValidMethod(algorithm)) {
     throw new InvalidRequestError(`Invalid request: transform algorithm '${algorithm}' not supported`);