Currently enabling Public Client implicitly forces PKCE on the client. Although this is recommended and a smart thing to do, not all clients support PKCE and ultimately PKCE does not replace client_secret but adds a different kind of protection against unauthorized use of the code.
Ultimately, enabling PKCE should be up to the Client's discretion and therefor an extra config parameter for the client.
Currently enabling Public Client implicitly forces PKCE on the client. Although this is recommended and a smart thing to do, not all clients support PKCE and ultimately PKCE does not replace client_secret but adds a different kind of protection against unauthorized use of the code.
Ultimately, enabling PKCE should be up to the Client's discretion and therefor an extra config parameter for the client.