Add installer_options.state_verification to customize OAuth flow for admin's app installations

[seratch]

Description

Having a state parameter in OAuth flow is a highly recommended practice for security in general. However, when Slack Enterprise Grid Org admins install an org-wide app from their app management page, there is no way to customize the slack.com authorize url.

Thus, to support the admins' use case, we can introduce a new option to disable state parameter validation in the OAuth flow. We are going to add flag options to App and AsyncApp plus modify the internal logic.

References:

• bolt-js: installer_options.state_verification
• bolt-python: oauth_settings.state_validation_enabled
  • Add oauth_settings.state_validation_enabled to customize the OAuth flow bolt-python#454
• bolt-java: AppConfig#stateValidationEnabled
  • Add stateValidationEnabled option to AppConfig java-slack-sdk#828

What type of issue is this? (place an x in one of the [ ])

• bug
• enhancement (feature request)
• question
• documentation related
• example code related
• testing related
• discussion

Requirements (place an x in each of the [ ])

• I've read and understood the Contributing guidelines and have done my best effort to follow them.
• I've read and agree to the Code of Conduct.
• I've searched for any related issues and avoided creating a duplicate issue.

[seratch]

Releasing @slack/oauth@2.3.0 and upgrading the dependency in this project is required to fix this issue: https://github.com/slackapi/node-slack-sdk/milestone/27