save the oidc response instead of just the access token
Instead of saving only the OAuth secret, save the OIDC response as JSON, which contains the ID token.
From the ID token we can then extract the `groups_direct` claim and use that information in scripts.
Normally we should be able to use the ID token for login without saving the OAuth secret, by calling `set_id_token_hint`.
// Build the authorization request for the OIDC authorization-code flow:
// a fresh CSRF state and nonce are generated here and returned below so the
// caller can bind the callback to this request.
let mut auth_req = client
    .authorize_url(
        AuthenticationFlow::<CoreResponseType>::AuthorizationCode,
        CsrfToken::new_random,
        Nonce::new_random,
    )
    .add_scope(Scope::new("api".to_string()));

// Load the token previously cached for this host (if any) and pull the
// ID token out of its extra fields.  Passing it as `id_token_hint` lets the
// provider decide whether an interactive login is needed again; nothing here
// validates the cached token locally.
let token = OAuth2Token::from_cache(host);
let cached_id_token = token
    .as_ref()
    .and_then(|cached| cached.extra_fields().id_token());
if let Some(id_token) = cached_id_token {
    auth_req = auth_req.set_id_token_hint(id_token);
}

// Produce the URL the user is redirected to.  `csrf_state` and `nonce` are
// handed back to the caller; NOTE(review): the callback handler (outside this
// snippet) is expected to compare them against the returned state and the
// `nonce` claim of the new ID token — confirm that check exists.
let (authorize_url, csrf_state, nonce) = auth_req.url();