WIP: Add PKCE support with oauthlib 3.2.0

[JonathanHuot]

Since oauthlib 3.2.0 now supports PKCE for Clients (https://github.com/oauthlib/oauthlib/releases/tag/v3.2.0), this PR proposes a first implementation . Any feedbacks are welcome, I'm not sure it is production ready yet.

Change from: session = OAuth2Session(client_id) to session = OAuth2Session(app.client_id, pkce="S256")

And be sure to reuse the same session for fetch_token, as it will need to remember code_verifier. It is not really practical beyond PoC, so any suggestions are welcome.