Missing PKCE is success in email verification flow

[scotttrinh]

Since end users might verify their email on a different device than the user agent they initiated the sign up (or sign in) flow with, treat this as a success condition. The application will need to detect this case and show a message that confirms that the email is verified, but that the user will need to sign in to complete.

Note: this is a breaking change, so we need to bump the minor (given this is a 0.x release)