Simplify external OIDC authentication flow

[ekoby]

Allow the following application flow:

1. create Ziti context without credentials
2. query for external signers
3. acquire JWT token: do the OIDC login flow (PKCE, device code, or any other allowed by IdP)
4. set JWT token credential, and authenticate

[ekoby]

[fixed in #803]