adding responseType as parameter

[jeffersonpenna]

I've got cases where the response_type is different from 'code', so I made a modification that leaves 'code' as default, but allows the user to enter the desired type of response_type.

[coveralls]

Coverage remained the same at 100.0% when pulling 783d656 on jeffersonpenna:master into a02839a on jaredhanson:master.

[rwky]

Merged in https://github.com/passport-next/passport-oauth2

[jaredhanson]

What response_type type do you need to set other than code? The authorization code flow is the one specified by the OAuth 2.0 specification, and any other response_type is likely to have a far different protocol (and thus not be compatible anyway).

(Similar to #107)

[kara-ryli]

What response_type type do you need to set other than code?

OpenID Connect hybrid flows would use code id_token or code id_token token, and would (in theory) be compatible with OAuth2 for the most part.

[jaredhanson]

OpenID Connect also introduces a number of other required checks (nonce, etc), that would not be handled by a base OAuth 2 strategy, such as this. That might lead to subtle security concerns, if you set code id_token or code id_token token and the strategy then does not also do the additional nonce checking and the like.

Using an OpenID Connect specific strategy would be more appropriate than overriding the grant_type.