feat: server_auth with Microsoft Workload Identity

[MagicAbdel]

This PR adds support for Microsoft Workload Identity for server authentication on a per-user basis, following the existing pattern used for rds_iam.

Changes:

• Implemented token acquisition logic for Azure Entra ID.
• Ensured parity with the rds_iam implementation for

This is my first contribution in Rust! 🦀
I’ve done my best to follow the existing patterns in the codebase, but I'm still learning the nuances of the language. Please be indulgent. If there are more idiomatic ways to handle the logic, async calls, or error handling, I am very happy to make changes based on your feedback!

Note: I also created a PR on the helm chart (here) to allow users to add azure.workload.identity/use: "true" label to the pod for injecting workload Identity.

Here are some logs I tested this solution in AKS with Workload Identity directly injected into the pod:

[CLAassistant]

All committers have signed the CLA.

[levkk]

💯 👍 🙏 🚀

[levkk]

rand has been an issue for a while. Every time a new crate is added that uses a different version than what we have, we get this conflict. Let me see if I can resolve it.

[levkk]

Apply this diff when you get a second:

diff --git a/pgdog-config/src/util.rs b/pgdog-config/src/util.rs
index 64c10341..6e39d55d 100644
--- a/pgdog-config/src/util.rs
+++ b/pgdog-config/src/util.rs
@@ -1,6 +1,6 @@
 use std::time::Duration;
 
-use rand::{distr::Alphanumeric, Rng};
+use rand::{distr::Alphanumeric, RngExt};
 
 pub fn human_duration_optional(duration: Option<Duration>) -> String {
     if let Some(duration) = duration {

[MagicAbdel]

Applied the diff and verified with cargo check. The rand conflict seems resolved now. Thanks for the help with that