validate secrets only with text

[strehle]

This fixes client creation rest call with empty secret.
Empty client secret is allowed via YAML setting already, but
in a REST call there is an error:
Client Secret must be at least 1 characters in length.

Why this occurs: There is a policy validator for user and client
policy validation.

For users, a minimum of 1 char for a password might be ok,
for a client not. A secret can be empty.

Before 76.22.0 a missing secret in a client creation call was defaulted
to an empty secret, but with #2455
this was fixed. The fix prevented the creation with an empty secret.

Therefore, this here is a fix for a regression introduced with 76.22.0.
It simply prevents the policy validation if the secret is without text
(null or empty).

Fix for issue #2570

[cf-gitbot]

We have created an issue in Pivotal Tracker to manage this:

https://www.pivotaltracker.com/story/show/186329816

The labels on this github issue will be updated when the story is started.

[peterhaochen47]

@strehle In #2570, you mentioned that the empty string client secret is not allowed in API because of this code. So I'm a little confused on why this PR would solve your problem without touching that code?

[strehle]

@strehle In #2570, you mentioned that the empty string client secret is not allowed in API because of this code. So I'm a little confused on why this PR would solve your problem without touching that code?

With this PR we do not reach this code

[peterhaochen47]

The general approach is fine.

Please rewrite the commit to include all the context/motivations behind the change such that future developers would understand why the change was made.