Application Integration through OpenID Connect / OAuth 2.0 #860
FerdinandvHagen
started this conversation in
Ideas
Replies: 0 comments
I would like to propose using the OIDC/OAuth 2.0 flow for the session flow / integration with applications instead of the current JWT-based flow - or as a basis for the development of a new session flow as announced in this comment. In contrast to #782, this is not about adding general OIDC/OAuth 2.0 capabilities to log in users - but about using OIDC/OAuth 2.0 as the underlying protocol flow for applications to authenticate users through Hanko. For those familiar with OIDC/OAuth 2.0 - essentially making Hanko an OIDC OpenID Provider under the OIDC spec.
Zitadel uses this process and it makes for very simple integration with applications as most languages/frameworks support OIDC/OAuth2.0 out of the box. An explanation of the process and how Zitadel handles this can be found here.
I would expect that any custom session management / application integration process will eventually become very similar to OIDC/OAuth2.0 anyways - and as already discussed in #246 the current usage of a JWT for session management is at least debatable - if not discouraged.
To make implementation easy, Zitadel has open-sourced the OIDC/OAuth2.0 server implementation (GoLang). An example of how to use the library can be found here.