Add refresh token support for logins

[tminusplus]

What was changed

This adds refresh tokens to tcld by switching to the golang.org/x/oauth2 which supports device codes and refresh tokens.

Other changes in this PR:

• Noticed that other tests were reading the actual tcld config folder. And would panic if it does not exist. So added NewTestApp which sets the config dir to a temporary directory + other convenience settings.
• Removed LoginService to reduce coupling in code, so that connection.go can be tested without invoking a login.
• Removed mocks around LoginService, to ensure the tcld code is exercised in tests.
• Added making the config directory, if it doesn't exist, in feature.go to avoid nil panics in testing.
• Removed the Before code in the NewLoginCommand, as nothing was done with the loaded login config.
• Removed the use of os.RemoveAll, to ensure a bug does not remove directories on a user's computer when the intent was to remove a single file.

Why?

Allows us to shorten token access expiration times.

Checklist

• Tested logging in and making a request.
• Tested logging in on an older tcld, updating, and then making a request.
• Tested logging in on an older tcld, updating, re-logging in, and verified the config is in the new format.
• Tested waiting for the access token to expire, and then making a request to get a new refresh token.
• Added unit tests around refresh token support and the use of the golang.org/x/oauth2 library.
• Tested login flows with refresh tokens disabled server-side.

[shakeelrao]

🚀