Support OIDC Client JWT Bearer authentication #38609

Closed
sberyozkin opened this issue Feb 6, 2024 · 1 comment · Fixed by #38541

sberyozkin commented Feb 6, 2024

Description

https://www.rfc-editor.org/rfc/rfc7523 defines how an incoming or possibly stored JWT bearer token can be exchanged using the JWT bearer token grant (already supported by the OIDC client) or be used to authenticate the client as part of whatever grant requests are made.

For example, the use case in #38458 is to use the token capturing the current client credentials, which is periodically recycled in the cluster, thus making it a more secure option to authenticate to the OIDC server.

Implementation ideas

This token is obtained out of band as far as the OIDC client, whose job is to acquire tokens, is concerned; therefore, to support JWT bearer client authentication at the OIDC client filter level, a custom filter is required.

This issue is about making the creation of such custom filters very easy by only having to extend an abstract class and provide a required assertion property.

Going forward it will also benefit other cases where the OIDC client request parameters have to be provided dynamically at the filter level.
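
The RFC 7523 client authentication described in this issue, as an added example that is not part of the original issue or of the Quarkus code base: it re-reads a rotated assertion token on each request, rejects one that is already expired, and builds the token request form. The class and method names, the token file, and the choice of the `client_credentials` grant are assumptions made for illustration.

```java
import static java.nio.charset.StandardCharsets.UTF_8;

import java.net.URLEncoder;
import java.nio.file.Files;
import java.nio.file.Path;
import java.time.Instant;
import java.util.Base64;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

public class JwtBearerClientAuth {
    // client_assertion_type value defined by RFC 7523, section 2.2.
    static final String ASSERTION_TYPE = "urn:ietf:params:oauth:client-assertion-type:jwt-bearer";
    // Simplification: a regex instead of a JSON parser, to stay JDK-only.
    static final Pattern EXP = Pattern.compile("\"exp\"\\s*:\\s*(\\d+)");

    // Read the token on every request: the file is recycled out of band, so a cached copy goes stale.
    static String readAssertion(Path tokenFile, Instant now) throws Exception {
        String jwt = Files.readString(tokenFile).trim();
        String[] parts = jwt.split("\\.");
        if (parts.length != 3) throw new IllegalStateException("not a compact JWS");
        String claims = new String(Base64.getUrlDecoder().decode(parts[1]), UTF_8);
        Matcher m = EXP.matcher(claims);
        // Local freshness check only; the OIDC server is what verifies the signature.
        if (!m.find() || Instant.ofEpochSecond(Long.parseLong(m.group(1))).isBefore(now))
            throw new IllegalStateException("assertion has no exp claim or is expired");
        return jwt;
    }

    // Form body for the token endpoint: the assertion authenticates the client, no client_secret is sent.
    static String tokenRequestBody(String assertion) {
        return String.join("&",
            "grant_type=client_credentials",
            "client_assertion_type=" + URLEncoder.encode(ASSERTION_TYPE, UTF_8),
            "client_assertion=" + URLEncoder.encode(assertion, UTF_8));
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample token with a placeholder signature, written to a temp file.
        Base64.Encoder b64 = Base64.getUrlEncoder().withoutPadding();
        long exp = Instant.now().plusSeconds(600).getEpochSecond();
        String jwt = b64.encodeToString("{\"alg\":\"RS256\"}".getBytes(UTF_8)) + "."
            + b64.encodeToString(("{\"sub\":\"example-client\",\"exp\":" + exp + "}").getBytes(UTF_8))
            + ".c2ln";
        Path file = Files.createTempFile("assertion", ".jwt");
        Files.writeString(file, jwt);
        System.out.println(tokenRequestBody(readAssertion(file, Instant.now())));
    }
}
```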

quarkus-bot bot commented Feb 6, 2024

/cc @pedroigor (bearer-token,oidc)
