fix(#25): this commit introduces validation for client identifier in authorization code grant type

Author: https-richardy

Applications/Backend/Source/HttpsRichardy.Federation.Application/Validators/Identity/ClientAuthenticationCredentialsValidator.cs

@@ -27,6 +27,12 @@ public ClientAuthenticationCredentialsValidator()
 
         When(credential => credential.GrantType == SupportedGrantType.AuthorizationCode, () =>
         {
+            RuleFor(credential => credential.ClientId)
+                .NotEmpty()
+                .WithMessage("client identifier must not be empty.")
+                .MaximumLength(200)
+                .WithMessage("client identifier must be at most 200 characters long.");
+
             RuleFor(credential => credential.Code)
                 .NotEmpty()
                 .WithMessage("code must not be empty.");