update README.

README.md

@@ -47,6 +47,17 @@ Configuration details:
   is valid. There are plans to bring in implicit flow and hybrid flow at some
   point, but it hasn't come up yet for me. Those flows aren't best practive for
   server side web apps anyway and are designed more for native/mobile apps.
+  * If you want to pass `state` paramete by yourself. You can set Proc Object.  
+  e.g. `state: Proc.new{ SecureRandom.hex(32) }`
+  * `nonce` is optional. If don't want to pass "nonce" parameter to provider, You should specify
+  `false` to `send_nonce` option. (default true)
+  * Support for other client authentication methods. If don't specified
+  `:client_auth_method` option, automatically set `:basic`.
+  * Use "OpenID Connect Discovery", You should specify `true` to `discovery` option. (default false)
+  * In "OpenID Connect Discovery", generally provider should have Webfinger endpoint.
+  If provider does not have Webfinger endpoint, You can specify "Issuer" to option.  
+  e.g. `issuer: "myprovider.com"`  
+  It means to get configuration from "https://myprovider.com/.well-known/openid-configuration".
 
 For the full low down on OpenID Connect, please check out
 [the spec](http://openid.net/specs/openid-connect-core-1_0.html).