Adds functionality to support Identity Provider (IdP) managers
that do not support a complete verification URI in the
device authentication flow.
In cases where the verification_uri_complete field is empty,
the user will be prompted with their user_code,
and the verification_uri field will be used as a fallback
Some IDP requires different scope requests and
issue access tokens for different purposes
This change allow for remote configurable scopes
and the use of ID token
Support Generic OAuth 2.0 Device Authorization Grant
as per RFC specification https://www.rfc-editor.org/rfc/rfc8628.
The previous version supported only Auth0 as an IDP backend.
This implementation enables the Interactive SSO Login feature
for any IDP compatible with the specification, e.g., Keycloak.
* GetClientID method and increase interval on slow_down err
* Reuse existing authentication flow if is not expired
Created a new struct to hold additional info
about the flow
If there is a waiting sso running, we cancel its context
* Run the up command on a goroutine
* Use time.Until
* Use proper ctx and consistently use goroutine for up/down
UI and CLI Clients are now able to use SSO login by default
we will check if the management has configured or supports SSO providers
daemon will handle fetching and waiting for an access token
Oauth package was moved to internal to avoid one extra package at this stage
Secrets were removed from OAuth
CLI clients have less and better output
2 new status were introduced, NeedsLogin and FailedLogin for better messaging
With NeedsLogin we no longer have endless login attempts
