Fix a bug where only the first supported scope is included in the authentication request

[insertjokehere]

The logic in the constructor for Flow checks if the requested scope is supported, but the break statement means it will stop processing after the first match. This means the library will only include the first matching scope in the request, rather than all scopes specified as intended.

[vanceism7]

Just ran into this myself! Thanks for making the PR!

[rbellens]

@insertjokehere Thanks for this PR. It has now been merged.