nulab / scala-oauth2-provider

OAuth 2.0 server-side implementation written in Scala


AuthorizationCode

jclyons opened this issue

I am probably misunderstanding something about the authorization code grant type but there is a findAuthInfoByCode in DataHandler, but no createAuthorizationCode. Can you explain why?

I expect that it has something to do with the fact that the code is generated after a successful login flow, which this library doesn't really have anything to do with, even though the library does verify that the authorization code corresponds to an authorized user/client when the client exchanges the authorization code for an access token. Is this correct?

Still, would it be a good idea to include a DataHandler.createAuthorizationCode just for symmetry's sake, to provide something for the login controller to hook into that fits into the rest of the oauth2 flow?

Because the generation process of the authorization code is another flow.
The work of DataHandler is to generate an access token and protect resources.

See https://tools.ietf.org/html/rfc6749#section-4.1
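
The split discussed in this thread, as an added example that is not code from scala-oauth2-provider or from either participant: the application's login/consent controller issues the authorization code, and the application's own `findAuthInfoByCode` implementation later looks it up. `IssuedCode`, `AuthorizationCodeStore`, `issue`, `consume` and the 60-second lifetime are hypothetical names and values chosen for illustration; the single-use and short-lifetime rules come from RFC 6749 section 4.1.2.

```scala
import java.security.SecureRandom
import java.time.Instant
import java.util.Base64
import scala.collection.concurrent.TrieMap

// Hypothetical record kept by the application; not a type from scala-oauth2-provider.
final case class IssuedCode(userId: String, clientId: String, redirectUri: Option[String],
                            scope: Option[String], expiresAt: Instant)

// Hypothetical in-memory store; a real deployment would use a shared database or cache.
object AuthorizationCodeStore {
  private val random     = new SecureRandom()
  private val codes      = TrieMap.empty[String, IssuedCode]
  private val ttlSeconds = 60L // assumption; RFC 6749 4.1.2 recommends at most 10 minutes

  // Called by the login/consent controller once the user has authenticated
  // and approved the client. The code is bound to the client and redirect URI.
  def issue(userId: String, clientId: String, redirectUri: Option[String],
            scope: Option[String], now: Instant = Instant.now()): String = {
    val bytes = new Array[Byte](32) // 256 bits from a CSPRNG, so the code is unguessable
    random.nextBytes(bytes)
    val code = Base64.getUrlEncoder.withoutPadding.encodeToString(bytes)
    codes.put(code, IssuedCode(userId, clientId, redirectUri, scope, now.plusSeconds(ttlSeconds)))
    code
  }

  // What an application's findAuthInfoByCode implementation could delegate to.
  // remove() makes the code single-use; expired codes are rejected.
  def consume(code: String, now: Instant = Instant.now()): Option[IssuedCode] =
    codes.remove(code).filter(_.expiresAt.isAfter(now))
}

object Demo extends App {
  val t0   = Instant.parse("2024-01-01T00:00:00Z") // constructed sample values
  val code = AuthorizationCodeStore.issue("user-1", "client-a",
    Some("https://client.example/cb"), Some("read"), t0)
  println(AuthorizationCodeStore.consume(code, t0.plusSeconds(5)).map(_.clientId)) // first exchange
  println(AuthorizationCodeStore.consume(code, t0.plusSeconds(6)))                 // replayed code
  val late = AuthorizationCodeStore.issue("user-1", "client-a", None, None, t0)
  println(AuthorizationCodeStore.consume(late, t0.plusSeconds(120)))               // expired code
}
```

The stored client id and redirect URI are what the token endpoint compares against the values the client presents when it exchanges the code.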