pat-s commented Dec 21, 2025

Description

Enables identity providers that require separate OIDC clients per application type (like Authentik, Kanidm, Zitadel) to work with OpenCloud clients.

  • Add desktop-specific OIDC issuer relation (http://openid.net/specs/connect/1.0/issuer/desktop)
  • Add mobile-specific OIDC issuer relation (http://openid.net/specs/connect/1.0/issuer/mobile)
  • Support optional client_id property in WebFinger link responses

Configuration

WEBFINGER_OIDC_ISSUER_DESKTOP: "https://idp.example.com"
WEBFINGER_OIDC_CLIENT_ID_DESKTOP: "desktop-client-id"
WEBFINGER_OIDC_ISSUER_MOBILE: "https://idp.example.com"
WEBFINGER_OIDC_CLIENT_ID_MOBILE: "mobile-client-id"

Motivation and Context

This solves opencloud-eu/desktop#246 and is a complementary PR to opencloud-eu/desktop#766.

Besides the PR for the desktop app, similar changes are needed for the iOS and Android sources.

Screenshots (if appropriate):

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)
  • Technical debt
  • Tests only (no source changes)

Checklist:

  • Code changes
  • Unit tests added
  • Acceptance tests added
  • Documentation added
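
An added example, not code from this PR or from OpenCloud: how a client could resolve its issuer and client ID from a WebFinger response using the relations listed above, falling back to the generic OIDC issuer relation. The sample response is constructed, and the placement of `client_id` under the link's `properties` object and the name `SelectIssuer` are assumptions, since the page does not show the response shape.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
	"net/url"
)

const (
	relIssuer  = "http://openid.net/specs/connect/1.0/issuer" // generic OIDC Discovery relation
	relDesktop = relIssuer + "/desktop"                       // desktop relation from this PR
	relMobile  = relIssuer + "/mobile"                        // mobile relation from this PR
	// Assumption: client_id is carried in the link's "properties" object.
	propClientID = "client_id"
)

type link struct {
	Rel, Href  string
	Properties map[string]string
}

// sampleJRD is a constructed WebFinger response, not captured from a server.
const sampleJRD = `{"subject": "acct:alice@cloud.example.com", "links": [
  {"rel": "http://openid.net/specs/connect/1.0/issuer", "href": "https://idp.example.com"},
  {"rel": "http://openid.net/specs/connect/1.0/issuer/desktop", "href": "https://idp.example.com",
   "properties": {"client_id": "desktop-client-id"}}]}`

// SelectIssuer returns the issuer and optional client_id for preferredRel, falling
// back to the generic relation. OIDC Discovery requires an https issuer URL.
func SelectIssuer(doc []byte, preferredRel string) (issuer, clientID string, err error) {
	var d struct{ Links []link }
	if err = json.Unmarshal(doc, &d); err != nil {
		return "", "", err
	}
	for _, rel := range []string{preferredRel, relIssuer} {
		for _, l := range d.Links {
			if l.Rel != rel {
				continue
			}
			if u, perr := url.Parse(l.Href); perr != nil || u.Scheme != "https" || u.Host == "" {
				return "", "", errors.New("issuer is not an https URL: " + l.Href)
			}
			return l.Href, l.Properties[propClientID], nil
		}
	}
	return "", "", errors.New("no OIDC issuer relation in WebFinger response")
}

func main() { fmt.Println(SelectIssuer([]byte(sampleJRD), relDesktop)) }
```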


kaivol commented Dec 21, 2025

I don't think we should allow/encourage using different OIDC issuers (and client ids) for web and desktop/mobile clients.
There really is no reason to do so, and in fact it is incorrect to assume that users from different issuers represent the same entity.


Also, I would add the OIDC scopes to request during authentication, just like it is already possible for the web client with WEB_OIDC_SCOPE. This would also fix opencloud-eu/desktop#217.
