
Token revoke endpoint & public clients #12053

Open
Kichiyaki opened this issue Nov 16, 2024 · 1 comment
Labels
bug Something isn't working

Comments

@Kichiyaki

Describe the bug
It's not possible to revoke a token via /application/o/revoke/ without providing client_secret for public clients.

To Reproduce
Steps to reproduce the behavior:

  1. Create an oauth2 provider with client type=public.
  2. Authorize using the created provider.
  3. Generate tokens.
  4. Try revoking the access/refresh token via /application/o/revoke/.

Expected behavior
Public clients can revoke a token via /application/o/revoke/ without providing client_secret.

Screenshots
If applicable, add screenshots to help explain your problem.

Logs
Output of docker-compose logs or kubectl logs respectively

Version and Deployment (please complete the following information):

  • authentik version: 2024.10.2
  • Deployment: docker-compose

Additional context
The RFC states that a client's request must contain a valid client_id, in the case of a public client, or valid client credentials, in the case of a confidential client.

I believe the culprit is this function: https://github.com/goauthentik/authentik/blob/main/authentik/providers/oauth2/utils.py#L181.

@Kichiyaki Kichiyaki added the bug Something isn't working label Nov 16, 2024
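The behaviour the report expects follows from RFC 7009 section 2.1, which defers to RFC 6749 section 2.3: a public client identifies itself with `client_id` alone, while a confidential client must present its credentials. The following is an added illustration of that rule for a revocation endpoint; it is not authentik's code and the `Provider`, `authenticate_client` and `revoke` names, as well as the sample clients and tokens, are constructed for the example.

```python
"""Client authentication for an OAuth 2.0 token revocation endpoint (RFC 7009).

Illustrative model only (not the authentik implementation): a public client
is authenticated by a known client_id; a confidential client must also
present a matching client_secret. A token is only revoked if it was issued
to the client that authenticated, as RFC 7009 section 2.1 requires.
"""
from dataclasses import dataclass, field
import hmac

PUBLIC = "public"
CONFIDENTIAL = "confidential"


@dataclass
class Provider:
    """Hypothetical OAuth2 provider record (client registration)."""
    client_id: str
    client_type: str
    client_secret: str = ""
    issued_tokens: set = field(default_factory=set)


class InvalidClient(Exception):
    """Would map to HTTP 401 with error=invalid_client (RFC 6749 section 5.2)."""


def authenticate_client(form: dict, providers: dict) -> Provider:
    """Authenticate the caller of the revoke endpoint from its form fields."""
    client_id = form.get("client_id")
    secret = form.get("client_secret")
    if not client_id or client_id not in providers:
        raise InvalidClient("unknown or missing client_id")
    provider = providers[client_id]
    if provider.client_type == PUBLIC:
        # Public clients have no secret to verify; a valid client_id suffices.
        return provider
    # Confidential clients must present a matching secret; constant-time compare.
    if secret is None or not hmac.compare_digest(
        secret.encode(), provider.client_secret.encode()
    ):
        raise InvalidClient("client_secret missing or wrong")
    return provider


def revoke(form: dict, providers: dict) -> bool:
    """Revoke `token` for the authenticated client. Returns True if a token
    was actually invalidated. Unknown or foreign tokens return False; the
    endpoint would still answer HTTP 200 so nothing is revealed about them."""
    provider = authenticate_client(form, providers)
    token = form.get("token", "")
    if token in provider.issued_tokens:
        provider.issued_tokens.discard(token)
        return True
    return False


def sample_providers() -> dict:
    """Constructed sample registrations: one public SPA, one confidential server."""
    return {
        "spa-client": Provider("spa-client", PUBLIC, issued_tokens={"access-aaa"}),
        "srv-client": Provider(
            "srv-client", CONFIDENTIAL, "s3cr3t", issued_tokens={"refresh-bbb"}
        ),
    }


if __name__ == "__main__":
    providers = sample_providers()
    # Public client: client_id only, no client_secret, must succeed.
    print(revoke({"client_id": "spa-client", "token": "access-aaa"}, providers))
    # Confidential client without a secret must be rejected.
    try:
        revoke({"client_id": "srv-client", "token": "refresh-bbb"}, providers)
    except InvalidClient as exc:
        print("rejected:", exc)
```

The reported bug corresponds to the `client_type == PUBLIC` branch being absent, so every caller falls through to the secret check and a public client, which has no secret to send, can never revoke its own tokens.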
@Kichiyaki
Author

Workaround: change client type to confidential and set client_secret to an empty string (via UI, I couldn't do it via Terraform) and change it back to public.
