Add linter rule or http warning for empty scopes

The `scopes` for AuthorizationCodeFlow  is required but allowed for empty values. But actually an empty scope is not acceptable in Azure SDK. Could we add a linter to warn the empty scopes?

https://github.com/microsoft/typespec/blob/main/packages/http/lib/auth.tsp#L148

See dicussions https://github.com/Azure/azure-rest-api-specs/pull/26038#discussion_r1382190547