✨(settings) Allow configuring PKCE for the SSO (#886)

C.f.
https://mozilla-django-oidc.readthedocs.io/en/latest/settings.html#OIDC_USE_PKCE

## Purpose

Add pkce settings

## Proposal
Get the settings from the environment

Signed-off-by: Tom Hubrecht <github@mail.hubrecht.ovh>

CHANGELOG.md

@@ -12,6 +12,7 @@ and this project adheres to
 
 - 🚸(backend) make document search on title accent-insensitive #874
 - 🚩 add homepage feature flag #861
+- ✨(settings) Allow configuring PKCE for the SSO #886
 
 ## Changed
 

src/backend/impress/settings.py

@@ -520,6 +520,17 @@ class Base(Configuration):
         environ_name="OIDC_FALLBACK_TO_EMAIL_FOR_IDENTIFICATION",
         environ_prefix=None,
     )
+    OIDC_USE_PKCE = values.BooleanValue(
+        default=False, environ_name="OIDC_USE_PKCE", environ_prefix=None
+    )
+    OIDC_PKCE_CODE_CHALLENGE_METHOD = values.Value(
+        default="S256",
+        environ_name="OIDC_PKCE_CODE_CHALLENGE_METHOD",
+        environ_prefix=None,
+    )
+    OIDC_PKCE_CODE_VERIFIER_SIZE = values.IntegerValue(
+        default=64, environ_name="OIDC_PKCE_CODE_VERIFIER_SIZE", environ_prefix=None
+    )
 
     # WARNING: Enabling this setting allows multiple user accounts to share the same email
     # address. This may cause security issues and is not recommended for production use when